Firewall Wizards mailing list archives
Re: concerning ~el8 / project mayhem
From: "Anton A. Chuvakin" <anton () chuvakin org>
Date: Wed, 21 Aug 2002 10:39:55 -0400 (EDT)
Hi Paul and all, I know I am late for the thread, but here goes:
I think the biggest trouble with the current scenerio is that many, many customers don't understand that you don't *need* the attack tools to mount an effective defense, nor to tell what's wrong with the current one. I think even vulnerability scanners are mostly a waste of time.
Hmm, that really doesn't sit well with me. As I understand, you are advocating good security design over testing? But what about human errors in the above "good design"? Admittedly, no one can eliminate all of them, thus scanners/exploit tools will server as a final semi-real-world test of how "good" the above design really is. Best, -- Anton A. Chuvakin, Ph.D., GCIA http://www.chuvakin.org http://www.info-secure.org _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- concerning ~el8 / project mayhem R. DuFresne (Aug 16)
- Re: concerning ~el8 / project mayhem Darren Reed (Aug 16)
- Re: concerning ~el8 / project mayhem ark (Aug 16)
- Re: concerning ~el8 / project mayhem Marcus J. Ranum (Aug 17)
- Re: concerning ~el8 / project mayhem ark (Aug 16)
- <Possible follow-ups>
- Re: concerning ~el8 / project mayhem Marcus J. Ranum (Aug 17)
- Re: concerning ~el8 / project mayhem Paul D. Robertson (Aug 17)
- Re: concerning ~el8 / project mayhem Anton A. Chuvakin (Aug 21)
- Re: concerning ~el8 / project mayhem Paul Robertson (Aug 21)
- Re: concerning ~el8 / project mayhem Barney Wolff (Aug 21)
- Re: concerning ~el8 / project mayhem Anton J Aylward, CISSP (Aug 21)
- Re: concerning ~el8 / project mayhem Anton Chuvakin (Aug 21)
- RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Josh Welch (Aug 21)
- Re: concerning ~el8 / project mayhem Dave Piscitello (Aug 21)
- Re: concerning ~el8 / project mayhem Anton J Aylward, CISSP (Aug 21)
- Re: concerning ~el8 / project mayhem Paul D. Robertson (Aug 17)
- Re: concerning ~el8 / project mayhem Darren Reed (Aug 16)
- Message not available
- Re: concerning ~el8 / project mayhem Dave Piscitello (Aug 22)
- Message not available
- Re: concerning ~el8 / project mayhem Dave Piscitello (Aug 22)
- Re: concerning ~el8 / project mayhem Adam Shostack (Aug 23)