Come on, own up: IT managers leave firewalls open for hackers

The number of flaws reported in firewalls have rocketed by nearly 50 per cent over the past four years because IT pros don't know how to configure them.

A report by security testing specialist NTA Monitor found that flaws in firewalls have increased by 45 per cent since 1998.

The researchers said the holes, which occur mainly because of poor configuration and sloppy patching, could give hackers a way in to corporate networks.

Companies have not learned how to install their firewalls properly, according to Roy Hills, technical director at NTA Monitor. He said: "Three years ago firewalls were relatively rare, only firms who really needed them had them - coupled with the expertise.

"Nowadays there are so many companies who need firewalls because of the net. But they are not any easier to configure today than they were five years ago."

But he did not put all the blame on users, adding that vendors have not made things easy.

"There should be a way to check how you have configured your firewall. It should be made much easier to get it right and much harder how to get it wrong," he said.

Many companies are unable to keep up with the latest vulnerabilities because of the misconfiguration problems, the study added.

NTA Monitor said a flaw was recently identified in Checkpoint's most commonly used Fire Wall-1 product, which allowed potential hackers to access internal systems via HTTP, but only those companies who had failed configure the firewall correctly were affected.

"This kind of attack could have been prevented by proper installation of the firewall," Hills said.