Linked by Thom Holwerda on Thu 5th May 2011 21:07 UTC, submitted by sawboss
Games There's fail, there's epic fail, and then there's Sony. You may've thought it wasn't possible, but Sony has just outdone itself on the fail scale, forcing us to add yet another notch. During the congressional testimony this morning, Dr Gene Spafford of Purdue University revealed just how badly Sony managed its Playstation Network servers. It's... Bad.
Permalink for comment 472012
To read all comments associated with this story, please click here.
RE: Firewalls
by WereCatf on Fri 6th May 2011 11:33 UTC in reply to "Firewalls"
WereCatf
Member since:
2006-02-15

Can someone with a security background explain me how exactly firewalls can improve the security of a computer ?


Firewall may or may not be specifically such a great term, it depends, and may refer to firewall installed on the machine itself, or a firewall between the machine and the internal network (the latter is obviously the more secure choice). But the point is that the server had full access to the whole internal network, it was not restricted in any way or form. In a network of the size of PSN itself and especially when the server is also acting as a server to traffic from the Internet any IT admin worth his/her salt should limit the access such a machine has on the internal network. Ie. it should not be able to access everything, only the very specific machines that it needs to function, and only the kind of traffic that one should expect from it.

Giving complete, unrestricted access to the internal network the magnitude of PSN from a machine running outdated, unpatched server software is a failure of epic proportions.

Edited 2011-05-06 11:35 UTC

Reply Parent Score: 2