funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: quick OT thought

From: RandallMan <randallm () fidmail com>
Date: Thu, 17 Apr 2008 14:05:39 -0500
On Thu, Apr 17, 2008 at 1:03 PM, <Valdis.Kletnieks () vt edu> wrote:


On Thu, 17 Apr 2008 12:39:01 CDT, RandallMan said:


Have been refreshing myself on CEH and CISSP studies. Looking over the

OSI

model I noticed that all layers have been hacked! Perhaps its time for
another layer:
THE SECURE LAYER-LAYER 8. Perhaps this would fit true with a "layered"
approach to security.


On the other hand, implementing security at Layer 8 almost guarantees that
it's
a "bolt on after the fact".  Also, "defense in depth" (which is what you
probably *mean* by "layered" - multiple security layers) suggests that
there
should be components at all 7 layers.  Everything from "Do it via copper
rather
than wireless" (a layer 1 issue) to "Deploy switches/configs that are
resistant
to MAC address spoofing" through crypto and other stuff at the higher
layers...



Actually, since I am hashing, I think I meant it as that-Secure Layer.
Layered security.
Let in the virtual sense sit under the application. Therefore, as the
"presentation" prepares and sends it better fit the model for security
(sorta goes with the MAC).

In my meddling and thinking it seems there are security implementations
where ever exploits have appeared in the model. Security seems to just
"follow", rather then set the standard by which applications must adhere to.

Of course I guess that's the way it will have to be. Making everything fit a
model is not the real world.

Like I said, just some random OT thoughts.

-- 
RandallMan
----------
It's been a wild ride for sure and it ain't over.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: