Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: Castles and Security (fwd)

Re: Castles and Security (fwd)

From: Steven M. Bellovin <smb_at_research.att.com>
Date: Tue, 09 Jan 2001 13:29:13 -0500

In message <D9C570D94236D4118DAE00508BCF3DA802218947_at_cs14mail.bestbuy.com>, "Sc
ott, Richard" writes:
><ramble>
>My sense of things is two fold. Firstly, if we are to build secure
>infrastructures, we need to use quality components. Would one build a
>castle out of straw. Despite bringing in another analogy, two of the three
>pigs built "castles" were not successful!
>
>If I decide to build an infrastructure, I should have the right to chose
>adequate components, and if those components are somehow certified, or
>legally advertising to be secure, that that should be sufficient.
>If I build a house and select quality bricks, and find that after the house
>was built the bricks were made of baked sand in stead of a concrete mixture
>(as advertised) as to allow anyone to enter in to my house, I could have
>legal recourse. The manufacture would be sued, and those who entered my
>house would also face legal prosecution either by my self or the state. Of
>all the discussions I seem to read on this, there tends to be a targeting of
>the attackers, or (exclusive) the manufactures.
>
>The problem are targeting I think should be reinforced at the component
>level. The gray area of security is that there isn't or lack of certified
>products that are secure. Yes, I could take NT/2000 set that up, and follow
>MS guidelines, and with the typical software disclaimer, I have no right in
>arguing that my system is safe, legally speaking. Targeting should be two
>pronged, at the attacker and the manufacturer.
>

There are a lot of problems with this line of argument, most notably
that security components don't compose. Furthermore, whatever
component certifications do exist are relative to a given security
model; if you needs don't meet that model, the certification is
useless. (A Orange Book B2 rating is quite irrelevant to protection of,
say, a multi-customer Web hosting computer.) Certifications also tend
to have environment restrictions; again, violating these can void the
warranty.

                --Steve Bellovin

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_nfr.com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Received on Jan 10 2001

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos