[ISN] File-compression package circumvents firewalls

From: mea culpa <jericho_at_dimensional.com>
Date: Mon 01 Feb 1999 - 13:32:36 CST
http://www.infoworld.com/cgi-bin/displayStory.pl?990129.whhyper.htm
File-compression package circumvents firewalls 
By Matthew Nelson
InfoWorld Electric

ISV Remote Communications Inc. (RCI) has developed an application that
speeds the transfer of HTML files, but with the unintended consequence of
possibly enabling damaging code to pass through firewalls. 

RCI's HyperSpace Data Compression software is currently in beta release
and is expected to ship this month. The system lets users create
compressed HTML files that can be transferred 60 percent to 70 percent
faster across networks, RCI said. 

The problem is that viruses, malicious mobile code, or other harmful
content could also be compressed and then passed through firewalls without
being checked, according to Peter J. Cranstone, CEO of RCI. 

"I can embed anything I want in there in any format. But let's say I was a
nasty individual and I coded up a virus. I simply turn that virus into an
HTML document [and send it past a firewall]," Cranstone said. 

RCI has been in contact with Finjan, a mobile-code security vendor, to
address the possibilities of malicious Java Applets or ActiveX Controls
using this delivery system. 

Normally, compressed HTML files are not scanned by firewalls, unless
specifically targeted by administrators, said officials at firewall vendor
Check Point Software Technologies. There is potential for viruses to leak
through the firewall, but preventive measures can be taken, according to
Greg Smith, group manager for product marketing at Check Point, in Redwood
City, Calif. 

"The firewall can intercept any kind of traffic, including HTTP and HTML
files," Smith said. "We can vector the traffic off to a content screening
application so that we can protect internal network resources from
malicious content such as viruses." 

Some security company officials are aware of the possible dangers of
compressed files, but said they believe there are bigger fish to fry at
this time. 

"It's a matter of trying to put the most bang for the effort into our
products, and we have to approach the most immediate and important things
that we can address," said Chris Williams, product marketing manager at
NAI Labs, in Santa Clara, Calif. "Even if you get [a virus] past a
firewall, you have to get it past the desktop protection." 

A beta version of RCI's HyperSpace Data Compression application is
available now from the company's Web site. A final version is slated for
delivery later this month, with pricing yet to be determined. 

Remote Communications Inc., in Littleton, Colo., is at
www.remotecommunications.com. 

Matthew Nelson is an InfoWorld senior writer. 


-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
Received on Thu Mar 11 17:16:03 1999