Re:[fw-wiz] Vulnerability Response (was: BGP TCP RST Attacks)

From: Margles Singleton (margles_s_at_hotmail.com)
Date: 06/08/04

  • Next message: Dave Piscitello: "Re: [fw-wiz] Putting MS servers behind firewalls" 
    To: blask@protegonetworks.com, firewall-wizards@honor.icsalabs.com
Date: Tue, 08 Jun 2004 07:50:31 -0500

    >>Unless - I believe until - security can be packaged in a black box, there
    >>will not be tremendous gains in security. My reasoning? Black boxes are
    >>those technologies that we have faith in working without knowing why:
    >>microwaves, cars, and TV sets are all examples. A NASCAR team will know
    >>the fine details of tuning a car, but the Great Unwashed will not: they
    >>will simply turn the key and go - and this is how it should be - and I
    >>believe in future it will be like that for security as well.
    >
    >True. To an extent it is already. Lots of things that used to take a
    >great deal of expert handiwork are already available in sheetmetal boxes.
    >
    >Why trust sheetmetal boxes?
    >
    >1 - don't.
    >
    >2 - trust your ability to make informed choices on what sort of trust to
    >put into each piece of your defenses.
    >
    >3 - if you take the effort and responsibility to be informed, you can
    >determine which sheetmetal boxes are being produced by folks who are
    >following Darwinistic Success Paths and use such boxes in your defense
    >structure.
    >
    >You shouldn't have to mine the ore and grind the gunpowder yourself, but a
    >reliable MK 15 Phalanx Close-In Weapons System sure can come in handy from
    >time to time...

    YES!!!! .....i suspect this is why i tend to avoid gui's as well - at least
    when i'm in "learning phase". blind trust is never a good idea...

    >Still, I think playing with the boxes and arranging them against bad guys
    >will be fun for a while yet. There's still a lot of brand new thinking to
    >do.
    >
    >What Brian and many others are saying remains true - there's a lot of work
    >to be done and no time for lolly-gagging around. I just have exceptional
    >trust in individual's aggregate ability to seek success.

    i think this is called the Muddle Theory of Optimism, and yeppers,
    absolutely. it's just that if one dwells on the too-big picture, pessimism
    and dismay may set in....

    enjoy!!/mas

    _________________________________________________________________
    Get fast, reliable Internet access with MSN 9 Dial-up – now 3 months FREE!
    http://join.msn.click-url.com/go/onm00200361ave/direct/01/

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Dave Piscitello: "Re: [fw-wiz] Putting MS servers behind firewalls"
    Loading