lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0310021647570.151-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: Microsoft moves beyond patches 

On Thu, 2 Oct 2003 Valdis.Kletnieks@...edu wrote:

> On Thu, 02 Oct 2003 11:50:15 CDT, Ron DuFresne said:
>
> > Unless you are promoting host based defense, which is not quite there yet,
> > and an administrative nightmare, I think you'd find a strong argument this
> > is *not* the case, at least at present.
>
> Tell that to all the corporate nets that have been whacked by a worm brought
> in on a laptop, VPN connection, or other similar backdoor.
>
> (yes yes, I know it's a "failure to define perimeter correctly".  The fact that
> it wasn't defined correctly *IS* the problem with the technology....)
>

nonono, certainly not a problem with the technology, nor the philosophy,
but an implimentation error.  Afterall, as you hint, they opend a backdoor
and got slammed by it.  I've been for years now saying that VPN's are not
the endall to beall and are used far *too* freely and frequently.  Punch a
hole or two in a firewall and it's on it's way to becoming little more
then a standard router.


Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ