Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: concerning ~el8 / project mayhem

From: "Anton A. Chuvakin" <anton () chuvakin org>
Date: Wed, 21 Aug 2002 10:39:55 -0400 (EDT)
Hi Paul and all,

I know I am late for the thread, but here goes:


I think the biggest trouble with the current scenerio is that many, many
customers don't understand that you don't *need* the attack tools to mount
an effective defense, nor to tell what's wrong with the current one.  I
think even vulnerability scanners are mostly a waste of time.

Hmm, that really doesn't sit well with me. As I understand, you are
advocating good security design over testing? But what about human errors
in the above "good design"? Admittedly, no one can eliminate all of them,
thus scanners/exploit tools will server as a final semi-real-world test of
how "good" the above design really is.

Best,
-- 
  Anton A. Chuvakin, Ph.D., GCIA
     http://www.chuvakin.org
   http://www.info-secure.org

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: