Fwd: Dan Kaminsky

• Previous message (by thread): What is the most standard subnet length on internet
• Next message (by thread): Fwd: Dan Kaminsky
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

William Allen Simpson <william.allen.simpson at gmail.com> writes:

> Are we paying enough attention to securing our systems?

almost certainly not.  skimming RFC 2196 again just now i find three things.

	1. it's out of date and needs a refresh -- yo barb!
	2. i'm not doing about half of what it recommends
	3. my users complain bitterly about the other half

in terms of cost:benefit, it's more and more the case that outsourcing looks
cheaper than doing the job correctly in-house.  not because outsourcing *is*
more secure but because it gives the user somebody to sue rather than fire,
where a lawsuit could recover some losses and firing someone usually won't.

digital security is getting a lot of investor attention right now.  i wonder
if this will ever consolidate or if pandora's box is just broken for all time.
-- 
Paul Vixie
KI6YSY

• Previous message (by thread): What is the most standard subnet length on internet
• Next message (by thread): Fwd: Dan Kaminsky
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]