My point was that for those who want to know if a compensating control
(network design) is sufficient protection, the answer is that in this case
it usually won't be as the vulnerability can still be exploited as long as
the web service is available outside the protected network.



On Tue, Apr 22, 2014 at 1:13 PM, <rob@xxxxxxxxx> wrote:

Keeping in mind that many people think that the only nefarious attacks
you'll ever get are from outside of your company I can maybe see if that's
where Mr. Draper is coming from. Supposing that mythological beast is
true, there is always the risk that someone's PC could get infected and
start scanning your network, take advantage of that weakness and report
the results to the outside.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.






This thread ...

Follow-Ups:
Replies:

Return to Archive home page | Return to MIDRANGE.COM home page