Security Basics mailing list archives
RE: Why Security testing is required
From: "David Gillett" <gillettdavid () fhda edu>
Date: Fri, 20 Feb 2004 15:25:58 -0800
I've heard of companies that thought they were secure because they had purchased a firewall -- even though it was still in its box. I've encountered cases where the firewall was set up and configured, but was off on a stub and not between the interior and exterior networks. And I've seen properly-installed firewalls with code and/or configuration bugs, or subverted by less-than- scrupulous admins.... Knowing what you intended to implement provides only a first approximation to what actually got implemented. Empiricism can't do everything, but for some jobs you accept substitutions only at your peril. Dave Gillett
As a non technical person I want to know why security testing is required when all security systems like Firewall, IDS and content management are in place.
--------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.securityfocus.com/sponsor/Astaro_security-basics_040219 ----------------------------------------------------------------------------
Current thread:
- RE: Why Security testing is required Matt Lyon (Feb 20)
- Re: Why Security testing is required Meritt James (Feb 24)
- Re: Why Security testing is required Rishi Pande (Feb 24)
- Re: Why Security testing is required steve (Feb 24)
- most that can happan (was Re: Why Security testing is required Meritt James (Feb 25)
- RE: Why Security testing is required David Gillett (Feb 24)
- Re: Why Security testing is required Byron Sonne (Feb 24)
- Re: Why Security testing is required captgoodnight (Feb 24)
- RE: Why Security testing is required Navaneetharangan (Feb 26)
- Re: Why Security testing is required Meritt James (Feb 26)
- RE: Why Security testing is required Navaneetharangan (Feb 26)
- RE: Why Security testing is required Raoul Armfield (Feb 24)
- RE: Why Security testing is required Steve (Feb 24)
- <Possible follow-ups>
- Re: Why Security testing is required Fralick, Alan (Feb 25)
- RE: Why Security testing is required Ryan Cornelsen (Feb 27)