Firewall Wizards mailing list archives
Re: Taking Testing a Firewall to the extreme
From: Dominique Brezinski <dominique.brezinski () cybersafe com>
Date: Thu, 02 Oct 1997 13:58:21 -0700
At 05:26 PM 9/30/97 +0100, you wrote:
OK, so call this OTT, (and Marcus...stop me when I go too far!) Does the group consider the use of Electro-Magnetic Radiation scanning tools, keyboard taps etc. outside the scope of a 'normal' test.
I would not consider it part of a normal firewall test per se, but rather part of network or computer security assessment and risk analysis. Having a firewall run on TEMPEST hardware is of little benefit if the rest of the network is not shielded. If Van Eck attacks are truely a justified risk in your environment, then a majority of your information processing equipement will need to conform to TEMPEST and specific physical security standards, not just the firewall. Does this make sense?
I suppose one has to define what a 'normal' penetration test is, and certainly it ain't the job of a firewall to cater for that type of compromise, but more the job of the policy.
Well, it will be part of a normal security assessment if it is justified by the risk analysis. In classified environments it surely is.
My $0.02 ------------------------------------------------------------- Edward Cracknell - <edward () SecurIT net> Security Administrator
Dominique Brezinski ---------------------------------------------------- My opinions expressed here, and in any public forum, are my own and do not represent those of my employer or its clients. I am an individual.
Current thread:
- Taking Testing a Firewall to the extreme Edward Cracknell (Oct 01)
- Re: Taking Testing a Firewall to the extreme Paul D. Robertson (Oct 02)
- Re: Taking Testing a Firewall to the extreme Adam Shostack (Oct 02)
- <Possible follow-ups>
- Re: Taking Testing a Firewall to the extreme Dominique Brezinski (Oct 02)