[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] CyberInsecurity: The cost of Monopoly

--On Sunday, September 28, 2003 8:04 PM +0200 Michal Zalewski <lcamtuf@xxxxxxxxxxx> wrote: 

I'd argue... many vendors (Okena aka Cisco, BlackICE aka ISS, etc)
provide integrated corporation-wide mechanisms for enforcing group
firewalling, access and logging/IDS policies on workstations or groups of
workstations (and, why not, also servers).

The problem is that you cannot "firewall" the networking protocols. Okena and other products like it make a good attempt at stopping attacks, but they are outrageously expensive for the most part.

I'm arguing that more thinking and planning needs to go in to the networking part of the equation (not TCP/IP but file sharing/authentication protocols.)

Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html