Firewall Fallacies

Having access to the wealth of information on the Internet is an essential tool for your business. However, connecting your private network to the Internet can expose critical or confidential data to malicious attackers from anywhere in the world.

Firewalls can protect both individual computers and corporate networks from hostile intrusion from the Internet, but a firewall alone is not capable of protecting all aspects of the network's security.

Why have a firewall?

The job of a firewall is to block unwanted traffic. Unfortunately, publicly accessible services such as mail and web servers are often the entry point for attackers. Since that traffic is permitted by the firewall, the only way to prevent these attacks is to actively maintain the software running on those systems, including the firewall itself. Vulnerabilities have been discovered in most popular firewalls, including Check Point, Cisco, Symantec and WatchGuard.

When a firewall is configured, it is set up to permit traffic to a given service, such as HTTP (the web server). Firewalls cannot be configured to understand every possible URL that is valid for a Web site, and therefore any seemingly valid HTTP request will be allowed through. The Nimda worm infected Microsoft IIS servers by sending a URL such as:

http://somewebserver.com/null.ida?the-nimda-exploit-string

Firewalls simply cannot protect against URL-based attacks or other such exploits that take advantage of flaws in the normal services of a system.
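
The point above, as an added example that is not part of the original article: a port-based rule gives the same answer for an ordinary page request and for the placeholder URL shown earlier, and only a check on the request itself tells them apart. The rule set, the sample traffic and the assumption that this site serves no .ida or .idq content are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed policy: a packet filter matches on protocol and destination port only.
ALLOW_RULES = {("tcp", 80), ("tcp", 25)}  # published web and mail services
# Assumption: this site serves no .ida/.idq content, so such requests are unexpected.
UNEXPECTED_EXTENSIONS = (".ida", ".idq")

def firewall_permits(proto, dst_port):
    """Layer 3/4 decision; the payload (and so the URL) is never consulted."""
    return (proto, dst_port) in ALLOW_RULES

def request_target(payload):
    """Extract the request target from a raw HTTP request, or None if malformed."""
    first_line = payload.split(b"\r\n", 1)[0].decode("latin-1")
    parts = first_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    return parts[1]

def payload_is_suspicious(payload):
    """Application-layer check on the traffic the firewall passed unread."""
    target = request_target(payload)
    if target is None:
        return True  # not a well-formed request line: flag for review
    return urlsplit(target).path.lower().endswith(UNEXPECTED_EXTENSIONS)

def triage(connections):
    """Return (permitted, suspicious) per connection; suspicious is None when blocked."""
    out = []
    for proto, port, payload in connections:
        permitted = firewall_permits(proto, port)
        out.append((permitted, payload_is_suspicious(payload) if permitted else None))
    return out

# Constructed sample traffic; the second request uses the placeholder URL from the article.
SAMPLE = [
    ("tcp", 80, b"GET /index.html HTTP/1.0\r\nHost: somewebserver.com\r\n\r\n"),
    ("tcp", 80, b"GET /null.ida?the-nimda-exploit-string HTTP/1.0\r\n"
                b"Host: somewebserver.com\r\n\r\n"),
    ("tcp", 23, b""),  # telnet attempt: dropped before any payload matters
]

if __name__ == "__main__":
    for (proto, port, _), (permitted, suspicious) in zip(SAMPLE, triage(SAMPLE)):
        print(f"{proto}/{port}: permitted={permitted} suspicious={suspicious}")
```

Both port 80 connections are permitted by the filter; only the request-level check separates them, which is why the servers behind the firewall still need to be patched and monitored.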

How Nexpose Helps

Nexpose can help prevent attackers from exploiting your system by finding the vulnerabilities before they do. When new vulnerabilities are discovered, Nexpose is quickly updated with rules for detecting the vulnerability. Nexpose then pulls the update automatically from the Rapid7 Web site. Once updated, the Nexpose server can test the network for the vulnerability and notify administrators when a vulnerable system is discovered.