|
Firewall Wizards
mailing list archives
Re: concerning ~el8 / project mayhem
From: "Anton A. Chuvakin" <anton () chuvakin org>
Date: Wed, 21 Aug 2002 10:39:55 -0400 (EDT)
Hi Paul and all,
I know I am late for the thread, but here goes:
I think the biggest trouble with the current scenerio is that many, many
customers don't understand that you don't *need* the attack tools to mount
an effective defense, nor to tell what's wrong with the current one. I
think even vulnerability scanners are mostly a waste of time.
Hmm, that really doesn't sit well with me. As I understand, you are
advocating good security design over testing? But what about human errors
in the above "good design"? Admittedly, no one can eliminate all of them,
thus scanners/exploit tools will server as a final semi-real-world test of
how "good" the above design really is.
Best,
--
Anton A. Chuvakin, Ph.D., GCIA
http://www.chuvakin.org
http://www.info-secure.org
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
- Re: concerning ~el8 / project mayhem, (continued)
|
Intro
