Re: Microsoft moves beyond patches

[Ron DuFresne <dufresne () winternet com>]

On Thu, 2 Oct 2003 Valdis.Kletnieks () vt edu wrote:

> On Thu, 02 Oct 2003 11:50:15 CDT, Ron DuFresne said:
>
> > Unless you are promoting host based defense, which is not quite there yet,
> > and an administrative nightmare, I think you'd find a strong argument this
> > is *not* the case, at least at present.
>
> Tell that to all the corporate nets that have been whacked by a worm brought
> in on a laptop, VPN connection, or other similar backdoor.
>
> (yes yes, I know it's a "failure to define perimeter correctly".  The fact that
> it wasn't defined correctly *IS* the problem with the technology....)

nonono, certainly not a problem with the technology, nor the philosophy,
but an implimentation error.  Afterall, as you hint, they opend a backdoor
and got slammed by it.  I've been for years now saying that VPN's are not
the endall to beall and are used far *too* freely and frequently.  Punch a
hole or two in a firewall and it's on it's way to becoming little more
then a standard router.


Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html