Justin,
Many appliances contain internal libraries that are not properly
patched and maintained. In fact, the last email appliance that we
targeted during a penetration test contained open source technologies
that were outdated by more than 3 years. The majority of those outdated
technologies were open source Linux libraries with significant high risk
exploitable known vulnerabilities.
You need to remember that an appliance is little more than a computer
with software installed on it. Just like with computers, you need to
patch and maintain ALL of the software or you'll get pwned.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Justin Andrusk wrote:
>
> Why?
>
> Thanks,
>
> "Why write a program when you can write a program to write a program?"
> -- Author unknown
>
> ===========================================================================================================
> Justin R. Andrusk
> Enterprise Security Architecture & Design
> Blog: _http://andrusk.dyndns.org_ <http://andrusk.dyndns.org/>
> ===========================================================================================================
>
>
>
> *Adriel Desautels <adriel_at_netragard.com>*
> Sent by: listbounce_at_securityfocus.com
>
> 05/14/2008 08:50 PM
>
>
> To
> TBarnhart_at_rcrh.org
> cc
> security-basics_at_securityfocus.com
> Subject
> Re: Email Encryption
>
>
>
>
>
>
>
>
> I do not recommend using an appliance for secure email.
>
> Regards,
> Adriel T. Desautels
> Chief Technology Officer
> Netragard, LLC.
> Office : 617-934-0269
> Mobile : 617-633-3821
> http://www.linkedin.com/pub/1/118/a45
>
> Join the Netragard, LLC. Linked In Group:
> http://www.linkedin.com/e/gis/48683/0B98E1705142
>
> ---------------------------------------------------------------
> Netragard, LLC - http://www.netragard.com - "We make IT Safe"
> Penetration Testing, Vulnerability Assessments, Website Security
>
> Netragard Whitepaper Downloads:
> -------------------------------
> Choosing the right provider : http://tinyurl.com/2ahk3j
> Three Things you must know : http://tinyurl.com/26pjsn
>
>
> TBarnhart_at_rcrh.org wrote:
> > Zix Corp.
> > IronPort
> > Secure Mail (IronMail)
> >
> > Troy Barnhart, Sr. Systems Programmer
> > tbarnhart_at_rcrh.org
> > Regional Health, Inc.
> > 353 Fairmont Boulevard
> > Rapid City, South Dakota 57701
> > PH: 605-716-8352 / FAX: 605-716-8302
> >
> >
> >
> >
> > Regional Health's mission is to provide and support health care
> excellence in partnership with the communities we serve.
> >
> > Note: The information contained in this message, including any
> attachments, may be privileged, confidential, or protected from
> disclosure under state or federal laws . If the reader of this message
> is not the intended recipient, or an employee or agent responsible for
> delivering this message to the intended recipient, you are hereby
> notified that any dissemination, distribution, or copying of this
> communication is strictly prohibited. If you have received this
> communication in error, please notify the Sender immediately by a "reply
> to sender only" message and destroy all electronic or paper copies of
> the communication, including any attachments.
>
Received on May 16 2008
Intro
