Date: July 19, 2001

Presenter: Chet Uber

Affiliation: Nebraska CERT

The speaker for this meeting was Chet Uber - long time ITC member specializing in network security issues.

Chet Uber has authored paper titled, "Personal Firewalls: Making Them Work." Chet will be presenting his paper at the CERT Conference 2001, August 6-10 (see www.certconf.org for details). The issue of remote access by employees using DSL and Cable Modems is presenting the Internet and its users with one of the largest security threats ever. Any host that is permanently connected to the Internet may be used as a launching point for DDoS attacks; and the combination of a well known trojan and a new worm are currently exploiting this weakness.

The widespread use of the new broadband pipes poses a security risk as hackers use them to tunnel through firewalls from unsuspecting employees. Recall the famous break-in at Microsoft last year in which the hackers went in through the corporate firewall using an employee's home computer via the cable modem. The weakest link in the corporate firewall was not the firewall itself - but the "firewall" of the home (remote) computer connected via a broadband circuit.

The CERT/CC has written a special section just on this topic titled "Home Network Security." Chet's presentation deals with real world solutions and which products will or will not provide adequate protection. Visit the CERT web site for more information on Home Network Security.

With permission of the the presenter, Personal Firewalls: Making Them Work has been provided for the ITC as a Portable Document Format (PDF) file. To read this file, you will need to download the free Adobe Acrobat Reader.