[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: Re: firewalls & java applets...the race is on!
From: jim () coltano ! stortek ! com
Date: 1997-09-10 9:49:06
[Download RAW message or body]
>From owner-firewalls-outgoing@GreatCircle.COM Wed Sep 10 01:25 MDT 1997
>From: Darren Reed <avalon@coombs.anu.edu.au>
>Subject: firewalls & java applets...the race is on!
>To: Firewalls@GreatCircle.COM (Firewalls Mailing List)
>Date: Wed, 10 Sep 1997 12:18:56 +1000 (EST)
>
>I received this from someone else...
>
>LEARN TO SNEAK YOUR JAVA APPLETS BEHIND FIREWALLS
>
>Java applet security restrictions prevent users who sit behind a
>corporate firewall or proxy server and who use Netscape Navigator as
>their primary Web browser from making use of Java applets that
>connect back to the applet's originating server. At least until now.
>Read our latest Java Tip to find out how you can bypass these
>restrictions -- and identify the security risk the technique poses.
>
> http://www.javaworld.com/javaworld/javatips/jw-javatip37.html
>
>
I looked at this, and find that this is a very good reason to have a policy
that does not permit individual desktops to access resources outside your
network. And implement the policy on a packet filtering router. And it
is probably a justification for doing both packet filtering as well as
application gateways.
I am particularly disturbed that javaworld would publish this. It is
completely irresponsible. I can bet that some time today, I am going to
have a user call the help desk, open a severity 1 problem that he can't
get to some mission critical applet after attempting this hack. And then
I am going to have to get his butt fired for a breach of security attempt.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic