Firewall Wizards mailing list archives
RE: The Morris worm to Nimda, how little we've learned or gained
From: Ryan Russell <ryan () securityfocus com>
Date: Fri, 4 Jan 2002 19:33:21 -0700 (MST)
<snip really good highway safety discussion by Robert Graham> One point that always comes to my mind when reading any analogy for Internet Security is that perfect security is theoretically possible on the Internet. (Discounting availability...you'll always be able to DoS me.) In theory, I could implement a service with no holes, no way to attack it remotely, on top of an OS with no holes. You'd never be able to make my machine do something I didn't want it to. Conversly, it is theoretically impossible to have a car that will prevent someone from violating the integrity of your body. There are always tac nukes, if simple ramming won't suffice. While theoretically possible to have perfect software security, it is obviously a practical impossibility. I have no idea if that means that we should try harder, and come as close as possible to perfection, or just give up now. There are a few software packages out there that do really well on security, and I think it's that tease that keeps us going. At present, my mode is "try harder". Ryan _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: The Morris worm to Nimda, how little we've learned or gained Marcus J. Ranum (Jan 03)
- Re: The Morris worm to Nimda, how little we've learned or gained Paul D. Robertson (Jan 04)
- Re: The Morris worm to Nimda, how little we've learned or gained Richard Johnson (Jan 04)
- Re: The Morris worm to Nimda, how little we've learned or gained Ryan Russell (Jan 05)
- Re: The Morris worm to Nimda, how little we've learned or gained Frederick M Avolio (Jan 04)
- Re: The Morris worm to Nimda, how little we've learned or gained Adam Shostack (Jan 04)
- RE: The Morris worm to Nimda, how little we've learned or gained robert_david_graham (Jan 04)
- RE: The Morris worm to Nimda, how little we've learned or gained Ryan Russell (Jan 05)
- OT: Re: The Morris worm to Nimda, how little we've learned or gained Roelof JT Jonkman (Jan 05)
- Re: OT: Re: The Morris worm to Nimda, how little we've learned or gained H. Morrow Long (Jan 06)
- Host Based Packet Filters (was: OT: The Morris worm to Nimda, how little we've learned or gained) Robin S. Socha (Jan 06)
- safety of unidirectional NT trusts hermit921 (Jan 15)
- Re: safety of unidirectional NT trusts Jonas Anden (Jan 16)
- Re: safety of unidirectional NT trusts S. Jonah Pressman (Jan 17)
- <Possible follow-ups>
- Re: The Morris worm to Nimda, how little we've learned or gained Rudy_D_Pereda (Jan 12)
- Re: The Morris worm to Nimda, how little we've learned or gained Michael Brennen (Jan 12)
- Re: The Morris worm to Nimda, how little we've learned or gained R. DuFresne (Jan 13)
- Re: The Morris worm to Nimda, how little we've learned or gained Michael Brennen (Jan 14)
- Re: The Morris worm to Nimda, how little we've learned or gained Michael Brennen (Jan 12)