Firewall Wizards mailing list archives
Re: Vulnerability Response (was: BGP TCP RST Attacks)
From: Gwendolynn ferch Elydyr <gwen () reptiles org>
Date: Thu, 3 Jun 2004 10:39:04 -0400 (EDT)
On Thu, 3 Jun 2004, Paul D. Robertson wrote:

> One of the best quotes yet that I got from a vendor in a meeting was "Stop! I can't think that fast!" In that case though, the users were being pressured into evaluating and possibly purchasing something they didn't want- but politically couldn't dismiss themselves. I got invited to do the thing they were used to seeing me do- beat up the vendor over security- but this time it was to their advantage for me to poke holes in it, since it'd give them ammo for rejecting the whole silly scheme.

Wandering somewhat afield, the most remarkable reaction that I've ever gotten from a vendor was the one who called up, practically in tears, and proclaimed "You can't do this to me! It's not fair!" [0]. I was completely boggled that they thought that a social attack of that nature was likely to have any effect other than causing me to flee farther.

More to the point, it also helps when you can go down a litany of requirements with the vendor, and force them to address each item [1]...

> Get some sand, a bucket, a nail and a hammer, and *show* them how much effectiveness they lose with each port.

Hrm. I may have to try that... if nothing else, it's a fun example ;>

cheers!

[0] "this" being not including their product in the final evaluation phase. At the time, they didn't have a TLS gateway, which was a showstopper.

[1] Then again, it's always fun to include "Meets RFC 1149 and 3514".

"A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now."