Re: [fw-wiz] concerning ~el8 / project mayhem
From: Anton A. Chuvakin (anton@chuvakin.org)
Date: 08/21/02
- Next message: Schouten, Diederik (Diederik): "RE: [fw-wiz] Lucent Brick with PPTP"
- Previous message: Paul D. Robertson: "Re: [fw-wiz] Warchalking?"
- In reply to: Paul D. Robertson: "Re: [fw-wiz] concerning ~el8 / project mayhem"
- Next in thread: Paul Robertson: "Re: [fw-wiz] concerning ~el8 / project mayhem"
- Reply: Paul Robertson: "Re: [fw-wiz] concerning ~el8 / project mayhem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Anton A. Chuvakin" <anton@chuvakin.org> To: "Paul D. Robertson" <proberts@patriot.net> Date: Wed Aug 21 10:41:00 2002
Hi Paul and all,
I know I am late for the thread, but here goes:
>I think the biggest trouble with the current scenerio is that many, many
>customers don't understand that you don't *need* the attack tools to mount
>an effective defense, nor to tell what's wrong with the current one. I
>think even vulnerability scanners are mostly a waste of time.
Hmm, that really doesn't sit well with me. As I understand, you are
advocating good security design over testing? But what about human errors
in the above "good design"? Admittedly, no one can eliminate all of them,
thus scanners/exploit tools will server as a final semi-real-world test of
how "good" the above design really is.
Best,
--
Anton A. Chuvakin, Ph.D., GCIA
http://www.chuvakin.org
http://www.info-secure.org
- Next message: Schouten, Diederik (Diederik): "RE: [fw-wiz] Lucent Brick with PPTP"
- Previous message: Paul D. Robertson: "Re: [fw-wiz] Warchalking?"
- In reply to: Paul D. Robertson: "Re: [fw-wiz] concerning ~el8 / project mayhem"
- Next in thread: Paul Robertson: "Re: [fw-wiz] concerning ~el8 / project mayhem"
- Reply: Paul Robertson: "Re: [fw-wiz] concerning ~el8 / project mayhem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
