Full Disclosure mailing list archives
Re: Re: Gates: 'You don't need perfect code' for good security
From: Peter Moody <peter () ucsc edu>
Date: Fri, 31 Oct 2003 14:39:12 -0800
First, firewalling and patching can not in fact shield networks from all of the impact of worms and viruses. Ask any experienced network admin. There will always be users who bring into a firewalled network a laptop that was, for example, infected at home. Once that infected laptop is connected to the enterprise, the firewall is irrelevant.
Host based firewalling will take care of this. I don't care who you are or where I am, but my computer is my "crown jewel" and I'm not going to let any packet touch it that I don't want touching it. I'm pretty sure that's what Gates was talking about; if you click on the "secure your pc 1-2-3" link on any of the ms.com webpages, their suggestion is to turn on the host-based firewall. There's no mention of dropping money for a cisco pix or nokia/checkpoint solution. -Peter -- Peter Moody <peter () ucsc edu> Information Security Administrator 831/459.5409 Communications and Technology Services. http://mustard.ucsc.edu/pubkey UC, Santa Cruz. :wq
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Gates: 'You don't need perfect code' for good security Jeremiah Cornelius (Oct 31)
- Re: Gates: 'You don't need perfect code' for good security Exibar (Oct 31)
- <Possible follow-ups>
- RE: Gates: 'You don't need perfect code' for good security Stephen Blass (Oct 31)
- Re: Gates: 'You don't need perfect code' for good security Valdis . Kletnieks (Oct 31)
- Re: Gates: 'You don't need perfect code' for good security Kenneth R. van Wyk (Oct 31)
- Re: Re: Gates: 'You don't need perfect code' for good security Peter Moody (Oct 31)
- RE: Gates: 'You don't need perfect code' for good security Robert Ahnemann (Oct 31)