Firewall Wizards mailing list archives
RE: Time for a new FWTK?
From: "Marcus J. Ranum" <mjr () nfr net>
Date: Fri, 28 Nov 1997 23:01:32 -0500
Bret Watson wrote:
Personally I don't think 'signature' analysis like RealSecure et al do is a viable long term solution - there becomes an upper limit on permutations that is economically unviable (did someone say virus detection - woops).
There are technical problems and non-technical problems. :) Signature analysis is something that the virus scanners have conditioned the consumer market to accept and understand. People are comfortable with the concept, it does work, and it works *predictably*. In other words, it demos well. :) If you have the right signature and someone triggers it, then the alarm beeps and the customer feels good. This is the same reason people like virus scanning software! It is comprehensible. People do not enjoy buying things that challenge their intellects or preconceptions. So, I'd predict that signature analysis systems (I call them "Burglar Alarms" because they share similar simple properties) are going to be a very popular product in the future. They will become a market force like firewalls, because they share similar properties of simplicity, comprehensibility, and predictability. My guess is that they'll evolve into something else. At least I hope they will!! The virus scanning software has had a huge market run and shows no sign of petering out. It's possible that it's such a successful market that none of the players in it will do anything to risk disrupting it -- like trying to actually solve the problem. mjr. -- Marcus J. Ranum, CEO, Network Flight Recorder, Inc. work - http://www.nfr.net home - http://www.clark.net/pub/mjr
Current thread:
- RE: Time for a new FWTK? Stout, William (Nov 26)
- <Possible follow-ups>
- RE: Time for a new FWTK? Bret Watson (Nov 26)
- RE: Time for a new FWTK? Craig Brozefsky (Nov 27)
- Re: Time for a new FWTK? Bennett Todd (Nov 28)
- Re: Time for a new FWTK? Craig Brozefsky (Nov 28)
- Re: Time for a new FWTK? Marcus J. Ranum (Nov 28)
- New firewall paradigms, anyone ? Darren Reed (Nov 28)
- Re: New firewall paradigms, anyone ? Marcus J. Ranum (Nov 28)
- RE: Time for a new FWTK? Craig Brozefsky (Nov 27)
- RE: Time for a new FWTK? Bret Watson (Nov 28)
- RE: Time for a new FWTK? Marcus J. Ranum (Nov 28)
- Re: Time for a new FWTK? Mike Shaver (Nov 29)