Re: Email Encryption

[Adriel Desautels <adriel () netragard com>]

Justin,
	Many appliances contain internal libraries that are not properly 
patched and maintained. In fact, the last email appliance that we 
targeted during a penetration test contained open source technologies 
that were outdated by more than 3 years. The majority of those outdated 
technologies were open source Linux libraries with significant high risk 
exploitable known vulnerabilities.

	You need to remember that an appliance is little more than a computer 
with software installed on it. Just like with computers, you need to 
patch and maintain ALL of the software or you'll get pwned.


Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Justin Andrusk wrote:
> Why?
>
> Thanks,
>
> "Why write a program when you can write a program to write a program?"
> -- Author unknown
>
> ===========================================================================================================
> Justin R. Andrusk
> Enterprise Security Architecture & Design
> Blog: _http://andrusk.dyndns.org_ <http://andrusk.dyndns.org/>
> =========================================================================================================== 
>
>
>
> *Adriel Desautels <adriel () netragard com>*
> Sent by: listbounce () securityfocus com
>
> 05/14/2008 08:50 PM
>
>         
> To
>         TBarnhart () rcrh org
> cc
>         security-basics () securityfocus com
> Subject
>         Re: Email Encryption
>
>
>         
>
>
>
>
>
> I do not recommend using an appliance for secure email.
>
> Regards,
> Adriel T. Desautels
> Chief Technology Officer
> Netragard, LLC.
> Office : 617-934-0269
> Mobile : 617-633-3821
> http://www.linkedin.com/pub/1/118/a45
>
> Join the Netragard, LLC. Linked In Group:
> http://www.linkedin.com/e/gis/48683/0B98E1705142
>
> ---------------------------------------------------------------
> Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
> Penetration Testing, Vulnerability Assessments, Website Security
>
> Netragard Whitepaper Downloads:
> -------------------------------
> Choosing the right provider : http://tinyurl.com/2ahk3j
> Three Things you must know  : http://tinyurl.com/26pjsn
>
>
> TBarnhart () rcrh org wrote:
>  > Zix Corp.
>  > IronPort
>  > Secure Mail (IronMail)
>  >
>  > Troy Barnhart, Sr. Systems Programmer
>  > tbarnhart () rcrh org
>  > Regional Health, Inc.
>  > 353 Fairmont Boulevard
>  > Rapid City, South Dakota 57701
>  > PH: 605-716-8352 / FAX: 605-716-8302
>  >
>  >
>  >
>  >
>  > Regional Health's mission is to provide and support health care 
> excellence in partnership with the communities we serve.
>  >
>  > Note: The information contained in this message, including any 
> attachments, may be privileged, confidential, or protected from 
> disclosure under state or federal laws . If the reader of this message 
> is not the intended recipient, or an employee or agent responsible for 
> delivering this message to the intended recipient, you are hereby 
> notified that any dissemination, distribution, or copying of this 
> communication is strictly prohibited. If you have received this 
> communication in error, please notify the Sender immediately by a "reply 
> to sender only" message and destroy all electronic or paper copies of 
> the communication, including any attachments.