From owner-freebsd-chat  Tue Jul 28 21:20:35 1998
Return-Path: <owner-freebsd-chat@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id VAA04209
          for freebsd-chat-outgoing; Tue, 28 Jul 1998 21:20:35 -0700 (PDT)
          (envelope-from owner-freebsd-chat@FreeBSD.ORG)
Received: from obie.softweyr.com ([204.68.178.33])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA04161
          for <freebsd-chat@freebsd.org>; Tue, 28 Jul 1998 21:20:27 -0700 (PDT)
          (envelope-from wes@softweyr.com)
Received: from softweyr.com (zaphod.softweyr.com [204.68.178.35])
	by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id WAA15257;
	Tue, 28 Jul 1998 22:19:47 -0600 (MDT)
	(envelope-from wes@softweyr.com)
Message-ID: <35BEA2E3.9EFB8C9F@softweyr.com>
Date: Tue, 28 Jul 1998 22:19:47 -0600
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr llc
X-Mailer: Mozilla 4.05 [en] (X11; I; FreeBSD 2.2.6-RELEASE i386)
MIME-Version: 1.0
To: Mike Tancsa <mike@sentex.net>
CC: freebsd-chat@FreeBSD.ORG
Subject: Re: QPopper exploit
References: <xzplnpf59fc.fsf@hrotti.ifi.uio.no> <35be78f0.278958611@mail.sentex.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-chat@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Mike Tancsa wrote:
 
> I could only guess how often more 'popular' targets get attacked.  We
> are only a 6000 user ISP.  Imagine how much AOL and Microsoft must
> see.

Not very much, inside the firewall.

>From my former office at Intel, I had 13 hops to the "outside world",
through two firewalls that *I knew of.*

Now, between either of my workstations at Xylan (one Sun, one FreeBSD
for doing *REAL* work ;^), there is only one firewall, but all of
the internal traffic flows over switched networks using VLANs, so we
don't need quite so much firewalling.

One quick, fast, reliable way to protect yourself is to put your
router/firewall to the outside world onto a switch port on a 
smart switch; the router/firewall won't see *most* of the internal,
unicast traffic, and therefore cannot be used to snoop any of that.

It helps with speed, too.  ;^)

-- 
       "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                 Softweyr LLC
http://www.softweyr.com/~softweyr                      wes@softweyr.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message