Re: [fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)
From: Gwendolynn ferch Elydyr (gwen_at_reptiles.org)
To: "Paul D. Robertson" <email@example.com>
Date: Thu, 3 Jun 2004 10:39:04 -0400 (EDT)
On Thu, 3 Jun 2004, Paul D. Robertson wrote:
> One of the best quotes yet that I got from a vendor in a meeting was
> "Stop! I can't think that fast!" In that case though, the users were
> being pressured into evaluating and possibly purchasing something they
> didn't want- but politically couldn't dismiss themselves. I got invited
> to do the thing they were used to seeing me do- beat up the vendor over
> security- but this time it was to their advantage for me to poke holes in
> it, since it'd give them ammo for rejecting the whole silly scheme.
Wandering somewhat afield, the most remarkable reaction that I've ever
gotten from a vendor was the one who called up, practically in tears,
and proclaimed "You can't do this to me! It's not fair!".
I was completely boggled that they thought that a social attack of that
nature was likely to have any effect other than causing me to flee farther.
More to the point, it also helps when you can go down a litany of
requirements with the vendor, and force them to address each item ...
> Get some sand, a bucket, a nail and a hammer, and *show* them how much
> effectiveness they lose with each port.
Hrm. I may have to try that... if nothing else, it's a fun example ;>
 "this" being not including their product in the final evaluation
phase. At the time, they didn't have a TLS gateway, which was a showstopper.
 Then again, it's always fun to include "Meets RFC 1149 and 3514".
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet. This is the defining metaphor of my life right now."
firewall-wizards mailing list