RE: [fw-wiz] A fun smackdown...

From: Behm, Jeffrey L. (
Date: 05/20/05

  • Next message: Devdas Bhagat: "Re: [fw-wiz] A fun smackdown..."
    To: <>
    Date: Fri, 20 May 2005 13:16:35 -0500

    On Friday, May 20, 2005 10:56 AM, Chuck Swiger spake:

    > A door lock which rejects all keys, even a good key,
    > is more "secure" than a lock which rejects only
    > invalid keys.

    This made me think of a denial of service attack which
    renders the system (door) unavailable. Does a DoS make
    the system more secure? It seems like some _might_ say
    _Yes_, since the system would effectively be blocked.
    I would say no, it's not more secure, at least, not if
    the definition of security includes _availability_.

    Security (def.) - Ensuring integrity, confidentiality,
    availability of systems, data, etc.

    I believe some definitions offered here of security
    imply being _not available_. Not just to unauthorized
    folks, but anyone in general. While perhaps technically
    correct, it's not very practical (as has already been
    pointed out).

    Maybe we are not in agreement in what the term,
    secure, means, and need to better define that first,
    so we are all on the same page from the start.
    firewall-wizards mailing list

  • Next message: Devdas Bhagat: "Re: [fw-wiz] A fun smackdown..."