Firewall Wizards mailing list archives
Re: Paper on why I need a security Assessment
From: Bennett Todd <bet () rahul net>
Date: Sat, 5 Feb 2000 10:18:24 -0500
2000-02-05-02:40:11 Omar T. Fahnbulleh:
You can write your own Security assessment if you use RFC2196.
You can write your own security assessment if you know what you're doing. RFC2196 may help you learn what you're doing; it's not a bad doc. There are lots of other good resources I'd recommend; first and foremost is always Bellovin and Cheswick's Firewalls and Internet Security, it makes all the basic concepts clear. But no matter how expert you are, there are things you don't know. And unless you way, _WAY_ more expert than the auditor (only a problem if you get a computer security audit from a financial auditing firm, and don't squeeze 'em by the goolies until they cough up a real security analyst) just getting an independant second look at your security policy and implementation can be a big help. -Bennett
Attachment:
_bin
Description:
Current thread:
- Paper on why I need a security Assessment Matt McClung (Feb 01)
- Re: Paper on why I need a security Assessment Bennett Todd (Feb 02)
- RE: Paper on why I need a security Assessment Omar T. Fahnbulleh (Feb 06)
- Re: Paper on why I need a security Assessment Bennett Todd (Feb 06)
- RE: Paper on why I need a security Assessment Omar T. Fahnbulleh (Feb 06)
- <Possible follow-ups>
- Re: Paper on why I need a security Assessment Antonomasia (Feb 02)
- Re: Paper on why I need a security Assessment jason . wang (Feb 02)
- RE: Paper on why I need a security Assessment Doty, Ted (ISSAtlanta) (Feb 02)
- RE: Paper on why I need a security Assessment Moore, James (Feb 02)
- Re: Paper on why I need a security Assessment Bennett Todd (Feb 02)