Re: Your router/switch may be less secure than you think

[Robert Bonomi <bonomi () mail r-bonomi com>]

> From owner-nanog () merit edu  Wed Aug  3 09:07:20 2005
> To: Michael.Dillon () btradianz com
> Cc: nanog () merit edu
> Subject: Re: Your router/switch may be less secure than you think
> From: "Robert E.Seastrom" <rs () seastrom com>
> Date: Wed, 03 Aug 2005 09:58:53 -0400
>
>
>
> Michael.Dillon () btradianz com writes:
>
> > We should all be looking to the security auditing work done by
> > the OpenBSD team for an example of how systems can be 
> > cleaned up, fixed, and locked down if there is a will to do so.
>
> Beer, unsupported assertions, and lack of rigorous audit methodology
> can be blended together to make one's code more secure?

That would seem to depend on the quality of the code _before_ the blending, no?
As well as getting the proportions in the blend "just right".

*grin*

Seriously, _any_ approach "can" result in better/more secure code.  It all
depends on exactly _what_ is done.  Some approaches for identifying and/or
eliminating "problems" are more efficient and/or more effective than are
alternative means.  This does -not- mean that those are the "only" ways to
get things done.

Now, the _liklihood_ that any given approach "willresult in better/more secure
code -- *that* is an entirely different question.  :)