lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000c01c38730$c6224320$0201a8c0@cyber.god>
From: steve.wray at paradise.net.nz (Steve Wray)
Subject: Re: Pudent default security - Was:
 CyberInsecurity: The cost of Monopoly

> From: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
> Michal Zalewski
> 
> On Sun, 28 Sep 2003, security@...enik.com wrote:
> 
[snip]
> You can't do it particularly easily just by configuring local built-in
> firewall on each box. Or, you can, but you have no easy way 
> to maintain and audit the structure once it's done. 

There is if you don't use a windowing operating system; this is
precisely
what my team is doing for a very large collection of firewalled boxes,
remotely administered and their forewall configurations all maintained
and audited by remote control and en masse to boot.

We're using Debian Linux with more or less traditional unix tools for
the job; ssh, scp, rsync, diff sed and patch.

> The value of this 
> software is the ability to:
> 
>   1) Integrate many security mechanisms (AV, firewalling, auditing,
>      local policy, IDS) under one roof and implement unified policies,
> 
>   2) Provide an easy way to deploy and track agents and their
>      compliance with group policy,
> 
>   3) Manage multiple group policies easily,
> 
>   4) Deploy adaptative policies (say, different access levels when
>      on dial-up, different when in corporate network).
> 
> That's it. That is an effective tool that goes about as far 
> as we can go with pure IT without major changes to the existing
technology 
> to protect

I don't see whats new about this... unless its in a windowing
environment,
but then I guess you get what you ask for! A GUI for everything and
everything
in a GUI.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ