Full Disclosure mailing list archives

Re: Re: Gates: 'You don't need perfect code' for good security


From: Peter Moody <peter () ucsc edu>
Date: Fri, 31 Oct 2003 14:39:12 -0800


> First, firewalling and patching can not in fact shield networks from
> all of the impact of worms and viruses. Ask any experienced network
> admin. There will always be users who bring into a firewalled network
> a laptop that was, for example, infected at home. Once that infected
> laptop is connected to the enterprise, the firewall is irrelevant.

Host-based firewalling will take care of this.  I don't care who you are
or where I am, but my computer is my "crown jewel" and I'm not going to
let any packet touch it that I don't want touching it.  I'm pretty sure
that's what Gates was talking about; if you click on the "secure your pc
1-2-3" link on any of the ms.com webpages, their suggestion is to turn
on the host-based firewall.  There's no mention of dropping money for a
Cisco PIX or Nokia/Check Point solution.

-Peter

-- 
Peter Moody                             <peter () ucsc edu>
Information Security Administrator      831/459.5409
Communications and Technology Services. http://mustard.ucsc.edu/pubkey
UC, Santa Cruz.
:wq
