Plumbers... was Re: [fw-wiz] Sources for Extranet Designs?

From: Gary Flynn (
Date: 02/24/04

  • Next message: ADSL-Nerd: "Re: RE: [fw-wiz] Cisco PIX query"
    Date: Mon, 23 Feb 2004 23:21:14 -0500

    Marcus J. Ranum wrote:

    >Frederick M Avolio wrote:
    >>No. He said, "Security is like onions, it makes your eyes burn and leaves you burping."
    >Actually, the Onion remark was one of Steve Bellovin's. ;)
    >*MINE* was at SANS in 1997 in Baltimore:
    >"I guess we should all just quit doing security and become
    >Security *IS* like being a plumber!! You still have to worry
    >about the flow of stuff and the thickness of your pipes. You have
    >no control over the stuff you're going to have to deal with,
    >and it all stinks about equally. Marketing people put whatever stuff
    >they like into your pipes, and when the pipes burst you're
    >still left to clean the stuff up and your customers are going to
    >blame you for what they flushed."

    That is a start but that is just the network administration part
    of the job.

    Security folks also contend with determining who is sitting on the pot
    when the sitter really wants privacy, whether they're allowed to sit on
    the pot when they "really gotta go now", whether the pot is safe to sit
    on when the pots are bought out of a glossy catalog, what can be put
    in the pot without tromping on someone's special needs, whether they
    wash their hands after sitting on the pot without becoming Big Brother,
    handling complaints from other folks who really did not want what was
    put in the pot, and trying to make sure that what was put in the pot was
    what they intended to put in the pot (or, God forbid, what they took
    out of the pot) without limiting innovation

    I know. Its late. :).

    firewall-wizards mailing list

  • Next message: ADSL-Nerd: "Re: RE: [fw-wiz] Cisco PIX query"