Firewall Wizards mailing list archives

Re: Re: Code Red: What security specialist don't mention in warnings(Frank Knobbe)


From: Predrag Zivic <pzivic () yahoo com>
Date: Wed, 8 Aug 2001 07:31:04 -0700 (PDT)

Well David,
You were quite right about what the solution should be.
Prevent is the key word. Not how to deal (although
that is part of the issue and the process) but how
to prevent the problem from happening.
As far as I am concerned, proper and fine-grained
access control is a very good prevention solution. How
does one do it? Controlling access to a process, file,
mail service, TCP service or something else is an
engineering process and should be carefully done.
If all these steps (bundled with patch updates) are
looked after, a lot of things such as trojans would
never happen. Which product? Whale, ZoneAlarm, Bull
software? Maybe the combination of all of them? Who
knows?
I would love for god to give me the all-in-one product
to secure my IT, and finally spare me some time for
things like sand and beach and... But sadly one
has to think hard and build it from building blocks.

Tia

Pez

--- David Wagner <daw () mozart cs berkeley edu> wrote:
Darren Reed wrote:
All they can do is find already known problems.

Think of it like type checking.  Type checkers only prevent known
problems (namely, runtime type errors).  Type checkers are not a
silver bullet: they only prevent a certain class of errors.  Nonetheless,
they're pretty darn useful, aren't they?  They assist the programmer
with some of the tedious bookkeeping of programming, and leave the
programmer free to concentrate on the truly hard aspects of writing
code (such as getting the design right in the first place).  This
seems like an advance.  We should embrace analogous advances in
software security, not resist them.

P.S. Sure, testing sounds like a great idea, too.  They're complementary:
you should be using both.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com

http://list.nfr.com/mailman/listinfo/firewall-wizards

