Re: This just in: Firewalls are obsolete

["nakona () alltel net" <nakona () alltel net>]

Isn't this a moot point anyway? 

Regardless of how you harden your hosts, you still have an autonomous
system. In terms of security you may be able to harden your hosts so that
they can sit naked on the internet, but in terms of basic function that's
never going to happen anyway, if for no other reason than your AS is
running something like OSPF while the net is running BGP. Once you realize
that you need to run one or more border routers for functional reasons, why
wouldn't you also use at least SPI in that same router?

Besides... as a former military man, I cannot even remotely wrap my head
around the idea that you should give up layers of security. I don't really
give a damn how strong you built your bunker, I still expect you to run a
string of concertina wire around the compound and stick some claymores into
it.



--------------------------------------------------------------------
mail2web - Check your email from the web at
http://mail2web.com/ .


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave