Full Disclosure mailing list archives

RE: Sidewinder G2

From: "Kruse, Steve" <Steve.Kruse () lakelandgov net>
Date: Tue, 18 Nov 2003 13:08:18 -0500

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brent:

Yes, I've read Bruce's feelings about hacker contest's before, and in
principle, I agree it doesn't "prove" a sustained attack by a
determined enemy with enough computing power and dollars (Rubles,
Yen, Euros whatever) can be thwarted.  If someone like a government
entity was hacking away at a firewall, they sure aren't going to
claim the prize; rather they now have the knowledge of how it was
done, use it, and keep quiet about it.  I have the utmost respect for
what Bruce says.

I'll agree "proven" is too strong a word.  But it would give me more
confidence that your average 133t h4x0r isn't going to run willy
nilly through the firewall.  They may find a way AROUND it, or
socially engineer their way in, sure.  Just not THROUGH it.

Score one for Brent.  Proven IS too strong.

Steve Kruse

J. Stephen Kruse, CISSP
Chief Information Security Officer
City of Lakeland, Florida
http://www.lakelandgov.net
mailto:steve.kruse () lakelandgov net
PGP Fingerprint: 20FF 54A6 AFA0 5492 8830  9687 3314 D77D DFC7 D848

-----Original Message-----
From: Brent J. Nordquist [mailto:b-nordquist () bethel edu] 
Sent: Tuesday, November 18, 2003 12:03 PM
To: full-disclosure () lists netsys com
Subject: RE: [Full-disclosure] Sidewinder G2 


On Tue, 18 Nov 2003, Kruse, Steve <Steve.Kruse () lakelandgov net>
wrote:

Repeated "hacker challenges" by Secure Computing against

the Sidewinder

have proven it hasn't been compromised.


"Proven" is much too strong a word.  See:

http://www.schneier.com/crypto-gram-9812.html#contests

- -- 
Brent J. Nordquist <b-nordquist () bethel edu> N0BJN
Other contact information:
http://kepler.acns.bethel.edu/~bjn/contact.html
* Fast pipe * Always on * Get out of the way - Tim Bray
http://tinyurl.com/7sti

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBP7pgEjMU133fx9hIEQKiSACguBmBadHYSjlV+ZYBmHi028viPLoAn1pd
q7Pr2om9md5nHVEU3aVFmws+
=Murr
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Sidewinder G2, (continued)
- - - Re: Sidewinder G2 Valdis . Kletnieks (Nov 18)
    - Re: Sidewinder G2 David Maynor (Nov 18)
    - RE: Sidewinder G2 Ron DuFresne (Nov 20)
    - RE: Sidewinder G2 Mike Fratto (Nov 20)
    - RE: Sidewinder G2 Ron DuFresne (Nov 25)
  - RE: Sidewinder G2 Mike Fratto (Nov 18)
  - RE: Sidewinder G2 Michal Zalewski (Nov 19)
- RE: Sidewinder G2 Perrymon, Josh L. (Nov 18)
  - Re: Sidewinder G2 Valdis . Kletnieks (Nov 18)
    - Re: Sidewinder G2 Michael Gale (Nov 18)
- RE: Sidewinder G2 Kruse, Steve (Nov 18)
- Re: Sidewinder G2 Michaelmas (Nov 18)
- RE: Sidewinder G2 Schmehl, Paul L (Nov 20)
  - Re: Sidewinder G2 Shawn McMahon (Nov 20)
    - Re: Sidewinder G2 Michael Gale (Nov 20)
  - RE: Sidewinder G2 Ron DuFresne (Nov 20)