From owner-nanog@merit.edu Wed Aug 3 09:07:20 2005
To: Michael.Dillon@btradianz.com
Cc: nanog@merit.edu
Subject: Re: Your router/switch may be less secure than you think
From: "Robert E.Seastrom" <rs@seastrom.com>
Date: Wed, 03 Aug 2005 09:58:53 -0400Michael.Dillon@btradianz.com writes:
> We should all be looking to the security auditing work done by
> the OpenBSD team for an example of how systems can be
> cleaned up, fixed, and locked down if there is a will to do so.Beer, unsupported assertions, and lack of rigorous audit methodology
can be blended together to make one's code more secure?
That would seem to depend on the quality of the code _before_ the blending, no?
As well as getting the proportions in the blend "just right".
*grin*
Seriously, _any_ approach "can" result in better/more secure code. It all
depends on exactly _what_ is done. Some approaches for identifying and/or
eliminating "problems" are more efficient and/or more effective than are
alternative means. This does -not- mean that those are the "only" ways to
get things done.
Now, the _liklihood_ that any given approach "willresult in better/more secure
code -- *that* is an entirely different question. 