[Info-vax] HTTP and HTML File Upload Basics

[Scott Dorsey]

Phillip Helbig (undress to reply) <helbig at asclothestro.multivax.de> wrote:
>In article <rmv346$1sl$1 at dont-email.me>, Simon Clubley
><clubley at remove_me.eisner.decus.org-Earth.UFP> writes: 
>
>> > Of course, being on private networks, these aren't publicly visible.
>> 
>> Are you sure ? :-)
>> 
>> For example, at one time, network printers were merely devices for
>> printing on sheets of paper.
>> 
>> Now they can also be used to compromise the rest of the network.
>
>I mean something on a network 192.168.1.*.  You can't connect to that IP 
>address from the outside world unless some gateway is involved, and you 
>have control over where requests from outside go to.  As an example, 
>they could all go to one machine, or some cluster address, but other 
>machines on the network aren't visible from outside.  Sure, if you get 
>inside the door, then you can go into another room, but that is a common 
>problem and has nothing to do with VMS.

I think he is pointing out that since it is increasingly easier for people
to get inside the door thanks to devices like network printers which can be
turned into devices that open outgoing connections to servers that feed them
commands to do evil, that many people are no longer willing to consider their
internal network to be the isolated garden that they once did.

And no, that problem has nothing to do with VMS, but it means that you need
to either prepare VMS systems as if they were on external networks even when
they are not, or make that much more effort to keep isolated networks isolated
even in the face of misguided employees who plug wifi-enabled printers into
them which might inadvertently gateway wifi devices to the internal net.
--scott
-- 
"C'est un Nagra. C'est suisse, et tres, tres precis."