[83010] in North American Network Operators' Group
Re: Your router/switch may be less secure than you think
daemon@ATHENA.MIT.EDU (Robert Bonomi)
Wed Aug 3 11:18:37 2005
Date: Wed, 3 Aug 2005 09:30:56 -0500 (CDT)
From: Robert Bonomi <bonomi@mail.r-bonomi.com>
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
> From owner-nanog@merit.edu Wed Aug 3 09:07:20 2005
> To: Michael.Dillon@btradianz.com
> Cc: nanog@merit.edu
> Subject: Re: Your router/switch may be less secure than you think
> From: "Robert E.Seastrom" <rs@seastrom.com>
> Date: Wed, 03 Aug 2005 09:58:53 -0400
>
>
>
> Michael.Dillon@btradianz.com writes:
>
> > We should all be looking to the security auditing work done by
> > the OpenBSD team for an example of how systems can be
> > cleaned up, fixed, and locked down if there is a will to do so.
>
> Beer, unsupported assertions, and lack of rigorous audit methodology
> can be blended together to make one's code more secure?
That would seem to depend on the quality of the code _before_ the blending, no?
As well as getting the proportions in the blend "just right".
*grin*
Seriously, _any_ approach "can" result in better/more secure code. It all
depends on exactly _what_ is done. Some approaches for identifying and/or
eliminating "problems" are more efficient and/or more effective than are
alternative means. This does -not- mean that those are the "only" ways to
get things done.
Now, the _liklihood_ that any given approach "willresult in better/more secure
code -- *that* is an entirely different question. :)
