Re:[fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)

From: Margles Singleton (
Date: 06/08/04

  • Next message: Dave Piscitello: "Re: [fw-wiz] Putting MS servers behind firewalls"
    Date: Tue, 08 Jun 2004 07:50:31 -0500

    >>Unless - I believe until - security can be packaged in a black box, there
    >>will not be tremendous gains in security. My reasoning? Black boxes are
    >>those technologies that we have faith in working without knowing why:
    >>microwaves, cars, and TV sets are all examples. A NASCAR team will know
    >>the fine details of tuning a car, but the Great Unwashed will not: they
    >>will simply turn the key and go - and this is how it should be - and I
    >>believe in future it will be like that for security as well.
    >True. To an extent it is already. Lots of things that used to take a
    >great deal of expert handiwork are already available in sheetmetal boxes.
    >Why trust sheetmetal boxes?
    >1 - don't.
    >2 - trust your ability to make informed choices on what sort of trust to
    >put into each piece of your defenses.
    >3 - if you take the effort and responsibility to be informed, you can
    >determine which sheetmetal boxes are being produced by folks who are
    >following Darwinistic Success Paths and use such boxes in your defense
    >You shouldn't have to mine the ore and grind the gunpowder yourself, but a
    >reliable MK 15 Phalanx Close-In Weapons System sure can come in handy from
    >time to time...

    YES!!!! .....i suspect this is why i tend to avoid gui's as well - at least
    when i'm in "learning phase". blind trust is never a good idea...

    >Still, I think playing with the boxes and arranging them against bad guys
    >will be fun for a while yet. There's still a lot of brand new thinking to
    >What Brian and many others are saying remains true - there's a lot of work
    >to be done and no time for lolly-gagging around. I just have exceptional
    >trust in individual's aggregate ability to seek success.

    i think this is called the Muddle Theory of Optimism, and yeppers,
    absolutely. it's just that if one dwells on the too-big picture, pessimism
    and dismay may set in....


    Get fast, reliable Internet access with MSN 9 Dial-up now 3 months FREE!

    firewall-wizards mailing list

  • Next message: Dave Piscitello: "Re: [fw-wiz] Putting MS servers behind firewalls"

    Relevant Pages

    • Re: NOS Auction? I think not!
      ... damage), his place was flooded from the bad rains during the summer, ... some of these backglasses took a lot of damage, ... when i was there he showed me the boxes, and even how much they cost at ... If you can't trust your bartender, ...
    • Re: Bought A Keltec P32
      ... I did polish everything up a bit, and shot a ... #few boxes through both before I could trust my life to them. ...
    • Re: Real-time form-field updating
      ... The code you posted has many nonsensical traits. ... Do not trust this source. ... > drop down menus and I am using text boxes for my entry source. ... var firstValue, secondValue, thirdValue; ...
    • Re: setup broad band connection from terminal in redhat 7.0
      ... Trust me, I am dealing with 2 old 7.x boxes ... at work and they are my worst nightmare in terms of admin. ...
    • RE: How to allow users to change their password?
      ... All of the password text boxes will have the ... > be set up to provide the Security dialog window for password changes. ... >> name/password first. ... > See for all your database needs. ...