1. Makes users believe that they are safe from network attacks.
2. Does not protect against attacks originating within established sessions.
3. Can often be exploited to gain network access.
4. Often does not get updated due to user laziness/ignorance.
5. Most lack proper configuration.
Software firewall:
1. Does not protect against attacks originating within established sessions.
2. Does not actually secure the machine; it only attempts to block access to exploitable services. A better solution is to simply disable anything not being used.
3. Tricks people into thinking that a 'stealthed' port has some sort of value for security.
4. Can often be exploited to allow access to the machine.
5. Misinterprets network traffic and suggests attacks for marketing purposes rather than for defense. (BlackIce, Comodo, ZoneAlarm)

How can installation of a firewall give an organization a false sense of security?
Firewalls generally only stop certain types of traffic. For organizations that need to have secure communications, there are dozens of other attack vectors that hackers use to compromise security which need to be understood.
Firewalls do not protect against network eavesdropping, nor do they detect intrusion attempts. They don't know if you're downloading malware, and they can't stop physical breaches of security.
The entire network needs to be secured, and a firewall simply isn't a magic bullet for security.