Firewall Limitations

A firewall is a crucial component of securing your network and is designed to address the issues of data integrity or traffic authentication (via stateful packet inspection) and confidentiality of your internal network (via NAT). Your network gains these benefits from a firewall by receiving all transmitted traffic through the firewall. The importance of including a firewall in your security strategy is apparent; however, firewalls do have the following limitations:

• A firewall cannot prevent users or attackers with modems from dialing in to or out of the internal network, thus bypassing the firewall and its protection completely.

• Firewalls cannot enforce your password policy or prevent misuse of passwords. Your password policy is crucial in this area because it outlines acceptable conduct and sets the ramifications of noncompliance.

• Firewalls are ineffective against nontechnical security risks such as social engineering, as discussed in Chapter 1, “There Be Hackers Here.”

• Firewalls cannot stop internal users from accessing websites with malicious code, making user education critical.

• Firewalls cannot protect you from poor decisions.

• Firewalls cannot protect you when your security policy is too lax.


Note

The FBI’s arrest of the Phonemasters cracker ring brought several of these security issues to light. These hackers were accused of breaking into credit-reporting databases belonging to Equifax, Inc. and TRW, Inc. and the databases of Nexis/Lexis and Dun & Bradstreet. They also broke into many of the world’s providers. In doing so, these hackers did not use any high-tech attack methods. The Phonemasters used a combination of social engineering and dumpster diving, both techniques used by attackers who have little technical skill (refer to Chapter 1).

