At 19:59 23/04/98 -0500, tqbfat_private wrote: >> > Do not rely on switches because switches are not designed for >> >security. >> >> Based on that logic, there's just about nothing you CAN >> rely on, except death, taxes, and sendmail bugs. > >I don't think that's very fair. It seems obvious to me that some systems >have more attention paid to them for security (VMailer, for instance) than >others (like Sendmail). My confidence in VMailer is much greater than my >confidence in Sendmail, to the point where I'd be willing to consider >deploying VMailer in circumstances where Sendmail's lack of reliability is >prohibitive. > >Same goes for switches and link-layer security. Even more unfair... I agree with you regarding Vmailer/sendmail but I would compare sendmail = hub and vmailer = switch. The former has little security in it (let's assume that a hub is a very bugged switch) while the latter has more security. Vmailer/switch are not secure enough to use them alone for security, you used them with other devices, don't you ? I stop here because, the smell of religious war is becoming apparent -eric > >----------------------------------------------------------------------------- >Thomas H. Ptacek Secure Networks, Inc. >----------------------------------------------------------------------------- >http://www.enteract.com/~tqbf "If you're so special, why aren't you dead?" > Eric Vyncke Technical Consultant Cisco Systems Belgium SA/NV Phone: +32-2-778.4677 Fax: +32-2-778.4300 E-mail: evynckeat_private Mobile: +32-75-312.458
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:56:42 PDT