Re: Application-level Attacks

["Marcus J. Ranum" <mjr () ranum com>]

Paul D. Robertson wrote:
> Maybe it's time to revisit the whole attack taxonomy thing again...

I doubt it's necessary. We're just undergoing another
"denial of technical clarity attack" (a layer 8 attack)
from marketing idiots who can't bear to call their
products by simple, obvious names.

I'd _buy_ a "web firewall" personally. I'd even buy a
"VOIP firewall" - I don't understand why it needs to be
something "new" or "market-defining" and I'm sick to
death of explaining to journalists and industry analysts
that "application intrusion prevention" is something
that has been around for 15+ years and that "network
anomaly detection" was first implemented a few seconds
after the first network packet was transmitted.

In other words, our attempts to clarify and distill
and further purify our language is fruitless because
it's under such relentless attack by well-funded
hostile terrorists.

mjr. 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards