Full Disclosure mailing list archives
Re: CyberInsecurity: The cost of Monopoly
From: Frank Knobbe <frank () knobbe us>
Date: Sun, 28 Sep 2003 14:34:10 -0500
On Sun, 2003-09-28 at 13:04, Michal Zalewski wrote:
I'd argue... many vendors [...] provide integrated corporation-wide mechanisms for enforcing group firewalling, access and logging/IDS policies on workstations or groups of workstations (and, why not, also servers). [...] The technology is there. It takes some effort to use it and do it correctly, of course.
Michal, I think Paul's sentiment was that current efforts are focused on networks, IP addresses, firewalls, protocols, etc, basically focusing on the _transport_ of data. I think what we need are better mechanism to protect the _data_ itself, not just the transport/protocol of it. I'm not talking about Palladium crap, but more in the direction of more efficient ACL's, RBAC, and finer system level control. We *can* harden the chewy insides by applying better controls. (All too often I see networks with Share and File/Dir permissions being Everyone-Full_Access...). Paul, feel free to disagree if I put words in your mouth ;) Cheers, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: CyberInsecurity: The cost of Monopoly, (continued)
- Re: CyberInsecurity: The cost of Monopoly Fabio Gomes de Souza (Sep 28)
- RE: CyberInsecurity: The cost of Monopoly Chris Stewart (Sep 26)
- RE: CyberInsecurity: The cost of Monopoly *Hobbit* (Sep 27)
- RE: CyberInsecurity: The cost of Monopoly Rick Kingslan (Sep 27)
- RE: CyberInsecurity: The cost of Monopoly Curt Purdy (Sep 27)
- Re: CyberInsecurity: The cost of Monopoly Florian Weimer (Sep 28)
- Re: CyberInsecurity: The cost of Monopoly Karl DeBisschop (Sep 28)
- Re: CyberInsecurity: The cost of Monopoly Paul Schmehl (Sep 28)
- Re: CyberInsecurity: The cost of Monopoly Michal Zalewski (Sep 28)
- Re: CyberInsecurity: The cost of Monopoly Florian Weimer (Sep 28)
- Re: CyberInsecurity: The cost of Monopoly Frank Knobbe (Sep 28)
- Re: CyberInsecurity: The cost of Monopoly Michal Zalewski (Sep 28)
- Re: CyberInsecurity: The cost of Monopoly Frank Knobbe (Sep 28)
- RE: CyberInsecurity: The cost of Monopoly Rick Kingslan (Sep 27)
- Re: CyberInsecurity: The cost of Monopoly Paul Schmehl (Sep 28)
- Pudent default security - Was: CyberInsecurity: The cost of Monopoly security () brvenik com (Sep 28)
- Re: Pudent default security Paul Schmehl (Sep 28)
- Re: Re: Pudent default security Jay Sulzberger (Sep 28)
- Re: Re: Pudent default security Ed Carp (Sep 29)
- Re: Re: Pudent default security Jay Sulzberger (Sep 28)
- Re: Re: Pudent default security Ed Carp (Sep 29)
- Re: Re: Pudent default security Jay Sulzberger (Sep 28)