Firewall Wizards mailing list archives
Re: Penetration testing via shrinkware
From: "Marcus J. Ranum" <mjr () nfr net>
Date: Sun, 20 Sep 1998 21:14:26 -0400
Paul D. Robertson wrote:
[...] While it isn't 100% foolproof, there's a lot to be learned from a B2 evaluation. Security modeling, code walk-throughs, secure development methodologies, they all have their place if you're going to build assurance.
There's a lot to be learned but the price is insane, in terms of person-effort and time-to-market. B2 evaluation and all that orange book stuff is too slow and expensive to be applicable to today's products. *BUT* it's important to understand the principles behind them so you can steal the good ideas and then shortcut from there. For example, instead of laborious "proofs" that your security model makes sense, substitute a solid design document that explains the background behind your security architecture and why you think it's any good. Instead of laborious external code reviews, substitute a red team internal review of the security critical chunks of code. Instead of a Trusted Computer Base, substitute clean documentation of which chunks are security critical and how they interact with other chunks, as well as decently defined permission boundaries. In other words, steal the good ideas from the past, but don't chain yourself to the orange book albatross. For developing security software there's no substitute for having done it before and made a few mistakes. (I can show you my scars! Ask Mudge about the many beers and vip vacation!) That's what really scares me about things like NT security: "Yesterday I was an undergraduate CS major. Today I am writing a security policy for an operating system that will wind up on 90+% of the systems in the world by the year 2000" Joy, Joy, joy! mjr. -- Marcus J. Ranum, CEO, Network Flight Recorder, Inc. work - http://www.nfr.net home - http://www.clark.net/pub/mjr
Current thread:
- Re: Penetration testing via shrinkware, (continued)
- Re: Penetration testing via shrinkware Bill_Royds (Sep 03)
- RE: Penetration testing via shrinkware Stout, Bill (Sep 06)
- RE: Penetration testing via shrinkware Gary Crumrine (Sep 06)
- Re: penetration testing via shrinkware Arve Kjoelen (Sep 08)
- Re: Penetration testing via shrinkware Ryan Russell (Sep 19)
- Re: Penetration testing via shrinkware John McDermott (Sep 19)
- Re: Penetration testing via shrinkware Crispin Cowan (Sep 19)
- Re: Penetration testing via shrinkware Paul D. Robertson (Sep 20)
- Re: Penetration testing via shrinkware John McDermott (Sep 19)
- Re: Penetration testing via shrinkware Paul D. Robertson (Sep 20)
- Re: Penetration testing via shrinkware Marcus J. Ranum (Sep 21)
- Re: Penetration testing via shrinkware Paul D. Robertson (Sep 21)
- Re: Penetration testing via shrinkware Ted Doty (Sep 21)
- Re: Penetration testing via shrinkware Paul D. Robertson (Sep 21)
- Re: Penetration testing via shrinkware Darren Reed (Sep 22)
- Re: Penetration testing via shrinkware Ted Doty (Sep 22)
- Re: Penetration testing via shrinkware Paul D. Robertson (Sep 20)
- Re: Penetration testing via shrinkware Joseph S. D. Yao (Sep 22)
- Re: Penetration testing via shrinkware Stephen P. Berry (Sep 24)
- Re: Penetration testing via shrinkware tqbf (Sep 21)