Firewall Wizards mailing list archives
RE: Castles and Security (fwd)
From: Bill_Royds () pch gc ca
Date: Thu, 4 Jan 2001 15:14:21 -0500
This is a perfect rational for extreme gun comtrol laws. If there is a law that says possesion of a handgun is illegal, then anyone who posseses a handgun is de facto breaking the law and one does not have to wait for its use to take action against that person. Although criminals would still have guns, they could be charged with possession of weapons upon discovery without proving any other act. Is the risk to personal freedom by this kind of law less than the gain in public safety? We ban possesion of relatively hamless drugs becuase of fear of progression to use of harder ones. Should we ban any guns to prevent use of rocket launchers. Marcus would probably would probably say no. But other countries have werighed this balance differently and come to different conclusions With regards to networks, the risk by blocking all the possible network tools and the ease of inventing new ones means that it would be a very difficult task to ban "hacking tools" or even define them well enough to enumerate them. The way to defend from their use is to limit the vulnerability of the targets. One of those ways is armour on the target itself (hardening and personal firewalls). The other is to armour the house, neighbourhood and village. A castle was often only a good defense if it controlled a route. It may have been an object of an attack but not an object of a war. The war was to capture resources and territory and eventually the kingdom. Proper designs of castles and firewalls are tactics. Proper design of networks and server farms is strategy. Wars are won by good strategies that lead to good tactics.. "Marcus J. Ranum" <mjr () nfr com> on 01/04/2001 02:26:32 PM To: "daN." <dan () nesmail com>, "Stiennon,Richard" <richard.stiennon () gartner com>, twaszak () Telenisus com, Juergen.Nieveler () arxes de, lance () spitzner net, firewall-wizards () nfr com cc: (bcc: Bill Royds/HullOttawa/PCH/CA) Subject: RE: [fw-wiz] Castles and Security (fwd) daN. wrote:
There is no point in making a rule if you cannot punish those who break it.
That's actually not true!!! If you make a rule, it defines clearly the lines between honest and dishonest behavior. This serves to separate the players into 2 clear camps, instead of a single big grey zone. My friends at L0pht convinced me very effectively that the purpose of locks is to keep _honest_ people honest. It's actually useful as such because then you know that if someone goes through a locked door they are either authorized or a bad guy. Sure, someone can claim "I just rattled the knob and the door was already unlocked" but that only goes a short distance or nowhere depending on the lock system used. Honest people take one look at a locked door and rightly conclude "I'm not supposed to go through there" and go away. And if you see someone trying to pick your lock, you know he's up to no good and can deal with them differently. Basically, rules, locks, etc, serve to force the bad guys to clearly identify as suck, which makes them targets. I keep coming back to this issue of improving targeting and it seems like lots of people don't "get it" - I'm worried that I'm not communicating effectively, or something. Am I being obscure? _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Castles and Security (fwd), (continued)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 04)
- Re: Castles and Security (fwd) Neil Buckley (Jan 05)
- Re: Castles and Security (fwd) Adam Shostack (Jan 08)
- Targeting (was Castles and Security) Stephen P. Berry (Jan 08)
- RE: Castles and Security (fwd) Marcus J. Ranum (Jan 03)
- RE: Castles and Security (fwd) Harris, Tim (Jan 03)
- Re: Castles and Security (fwd) Darren Reed (Jan 03)
- RE: Castles and Security (fwd) Frank Knobbe (Jan 03)
- RE: Castles and Security (fwd) twaszak (Jan 04)
- Re: Castles and Security (fwd) jeradonah (Jan 04)
- RE: Castles and Security (fwd) Bill_Royds (Jan 04)
- Re: Castles and Security (fwd) George Capehart (Jan 05)
- Re: Castles and Security (fwd) Ryan Russell (Jan 08)
- Re: Castles and Security (fwd) George Capehart (Jan 08)
- Re: Castles and Security (fwd) George Capehart (Jan 05)
- Re: Castles and Security (fwd) Darren Reed (Jan 10)
- RE: Castles and Security (fwd) Robert Graham (Jan 12)
- RE: Castles and Security Lance Spitzner (Jan 12)