> At 07:57 AM 2/23/96 -0500, Bryan D. Boyle wrote:
> >This surprises you? How many people do you know still running windows
> >3.1 on m$dos 3.3???
> >Legacy apps show up all over the place. Inertial reasons mostly.
> >This is an example as to why systems management and security are
> >an ongoing venture, not just a set-and-forget one-time thing "yeah,
> >we are ok..." mindset.
> To expand slightly on what Bryan says, and probably state the obvious in the
> effort, that is why firewalls are important, and that is why they are here
> to stay. Controlled gateways are thousands of years old, and will be around
> for thousands of years more. (I'm making an educated guess... I'm not a
> prophet in the true sense :-).)
> No matter what you do to the desk top, unless you control the configuration
> of every desktop every minute of the day you cannot depend completely on
> secure hosts.
On the same token, it is not safe to completely rely on firewalls to provide
protection for your site. (They are but one aspect.) While they may make
remote network intrusion more difficult, the problem is not insurmountable.
A good balance between network security, host security, and general security
awareness must be maintained. Otherwise, only one security mechanism needs
to be defeated after which the entire network opens wide up.
Jeff Thompson(jwthomp @
edu) Argus Systems Group,
http://www.uiuc.edu/ph/www/jwthomp - Trusted Network Kernel Developer