funsec mailing list archives
Re: quick OT thought
From: RandallMan <randallm () fidmail com>
Date: Thu, 17 Apr 2008 14:05:39 -0500
On Thu, Apr 17, 2008 at 1:03 PM, <Valdis.Kletnieks () vt edu> wrote:
On Thu, 17 Apr 2008 12:39:01 CDT, RandallMan said:Have been refreshing myself on CEH and CISSP studies. Looking over theOSImodel I noticed that all layers have been hacked! Perhaps its time for another layer: THE SECURE LAYER-LAYER 8. Perhaps this would fit true with a "layered" approach to security.On the other hand, implementing security at Layer 8 almost guarantees that it's a "bolt on after the fact". Also, "defense in depth" (which is what you probably *mean* by "layered" - multiple security layers) suggests that there should be components at all 7 layers. Everything from "Do it via copper rather than wireless" (a layer 1 issue) to "Deploy switches/configs that are resistant to MAC address spoofing" through crypto and other stuff at the higher layers...
Actually, since I am hashing, I think I meant it as that-Secure Layer. Layered security. Let in the virtual sense sit under the application. Therefore, as the "presentation" prepares and sends it better fit the model for security (sorta goes with the MAC). In my meddling and thinking it seems there are security implementations where ever exploits have appeared in the model. Security seems to just "follow", rather then set the standard by which applications must adhere to. Of course I guess that's the way it will have to be. Making everything fit a model is not the real world. Like I said, just some random OT thoughts. -- RandallMan ---------- It's been a wild ride for sure and it ain't over.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- quick OT thought RandallMan (Apr 17)
- Re: quick OT thought Valdis . Kletnieks (Apr 17)
- Re: quick OT thought RandallMan (Apr 17)
- Re: quick OT thought Nick FitzGerald (Apr 17)
- Re: quick OT thought Nick FitzGerald (Apr 17)
- Re: quick OT thought Valdis . Kletnieks (Apr 18)
- <Possible follow-ups>
- Re: quick OT thought Les Bell (Apr 17)
- Re: quick OT thought Hubbard, Dan (Apr 17)
- Re: quick OT thought Valdis . Kletnieks (Apr 17)