Firewall Wizards mailing list archives
RE: FW: CISCO PIX Vulnerability
From: Ted Doty <ted () iss net>
Date: Thu, 18 Jun 1998 09:42:12 -0400
At 01:27 PM 6/17/98 -0500, Rick Smith wrote:
At 01:51 PM 6/17/98 -0700, Hal wrote:
Gosh, I thought only NSA people argued like that.NSA people don't argue. They just issue you the crypto. If it doesn't solve your problem, you have to either do the job unprotected or rearrange the job to fit their architectural straitjacket. In Desert Storm, people sometimes had to do without, since they couldn't always fit things into the straitjacket.
This is why the military tactical radios come with a "Transmit in the clear" switch. When the general tells you to call in the airstrikes, he doesn't want to hear "But sir, they're behind a NAT gateway and the AH MD5 checksum doesn't match."
In the commercial world we ought to be able to do better than that.
I don't think we'll always have that luxury. There will be times that policy will have to be overridden by appropriate authorities, and our systems need to be able to support this. I kind of think we're argiung the same thing, tho. - Ted ----------------------------------------------------------------------- Ted Doty, Internet Security Systems | Phone: +1 678 443-6000 6600 Peachtree Dunwoody Road, 300 Embassy Row | Fax: +1 678 443-6479 Atlanta, GA 30328 USA | Web: http://www.iss.net ----------------------------------------------------------------------- PGP key fingerprint: 362A EAC7 9E08 1689 FD0F E625 D525 E1BE
Current thread:
- Re: FW: CISCO PIX Vulnerability, (continued)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 16)
- Re: FW: CISCO PIX Vulnerability Rick Smith (Jun 17)
- Re: FW: CISCO PIX Vulnerability Perry E. Metzger (Jun 18)
- Re: FW: CISCO PIX Vulnerability Rick Smith (Jun 18)
- Re: FW: CISCO PIX Vulnerability Perry E. Metzger (Jun 23)
- Going Public with Brute Force (was: CISCO PIX) Rick Smith (Jun 23)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 16)
- Re: FW: CISCO PIX Vulnerability Adam Shostack (Jun 23)
- Re: FW: CISCO PIX Vulnerability Darren Reed (Jun 24)
- RE: FW: CISCO PIX Vulnerability Rick Smith (Jun 17)
- RE: FW: CISCO PIX Vulnerability Ted Doty (Jun 18)
- Re: FW: CISCO PIX Vulnerability Joseph S. D. Yao (Jun 26)