Firewalls: Re: A "real" security expert

Firewalls
(March 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: A "real" security expert
From:	Darren Reed <avalon @ coombs . anu . edu . au>
Date:	Thu, 30 Mar 1995 18:38:33 +1000 (EST)
To:	jcg @ wcdssi . com
Cc:	Firewalls @ GreatCircle . COM
In-reply-to:	<Chameleon.4.01.2.950329175046.jcg@> from "jcg @ wcdssi . com" at Mar 29, 95 05:40:41 pm

> 
> 
> Marcus wrote:
> >Marcus,
> 
> >> 
> >> 	None of the (real) security experts I know say that split
> >> DNS is important. See some of my previous postings in the archives
> >> for more detailed explanations of why split DNS doesn't buy you
> >> anything but a few warm fuzzies.
> >> 
> 
> Ken Lee wrote:
> 
> >What is it that makes someone a "real" security expert?
> 
> >Ken Lee
> 
> John writes:
> "Its someone who knows where to get the expertise, how to apply it, and what 
> to charge for it".

Really ?  I could have sworn that two `security experts' were just about
to give away a tool which will probably do more than many so called experts
do (assuming that such exist).

Only if you're very paranoid would you worry about split DNS (and then
you need to do a fair amount more work to ensure it stays that way).

If you're properly firewalled and your internal security is as good as
your firewalls, then I can't see why it would be useful...you're hiding
hostnames that are never going to be of use to anyone breaking into your
system from beyond the firewall.

darren

References:

A "real" security expert
From: jcg @ wcdssi . com

Indexed By Date	Previous:	Re: On alarms and paging... From: support @ jfdi . demon . co . uk (CWS Unix Support)
Indexed By Date	Next:	Re: TCP port used for Oracle SQLNet? From: Yves . Dherbecourt @ der . edf . fr (Yves Dherbecourt - IMA/ICI/ASR - 47653790)
Indexed By Thread	Previous:	A "real" security expert From: jcg @ wcdssi . com
Indexed By Thread	Next:	Re: A "real" security expert From: "Frank Byrum" <byrum @ vbv . dec . com>