Posted by: Eric Hansen
In a previous article, I wrote about how China is playing the wolf, and it’s not pretty. Going over the inbound traffic to their “great firewall”, I outlined some fine points… and now we will address outbound traffic. This is something I also touched on in the previous article.
I mentioned before that 0-days exist on their servers. While it doesn’t always make sense to have the whole nine yards of security on a server (why have a virus scanner on a proxy server?), a firewall should always be installed and configured on these.
We’ll go back to Security 101. While passive firewalls have a place, restrictive firewalls are typically the go-to, and should be mandatory in government networks. You should only allow the traffic that needs to go through, and block the rest. That being said, it seems a little implausible, though doable, that America had a company such as Apache set up a mechanism to allow a back door on only Chinese machines. Even more so due to Apache’s open source nature.
Yes, there is always the use of DoS attacks and the like, but governments everywhere (as far as I know) keep hush-hush about which attacks are actually carried out. You can detect all the DoS attacks you want, but it won’t prove beneficial to anyone.
Truthfully, and I’m sure a lot of people will agree, the whole risk of China being attacked sounds more like them being a baby, when it’s also been widely reported that China has whole divisions dedicated to hacking countries. I’m sure America does too (NSA?), but we keep it more quiet as well.