From owner-freebsd-security  Fri Mar 12 16:57:49 1999
Delivered-To: freebsd-security@freebsd.org
Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2])
	by hub.freebsd.org (Postfix) with ESMTP id C7E9D14C82
	for <freebsd-security@FreeBSD.ORG>; Fri, 12 Mar 1999 16:57:47 -0800 (PST)
	(envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.9.3/8.9.1) id QAA81482;
	Fri, 12 Mar 1999 16:57:29 -0800 (PST)
	(envelope-from dillon)
Date: Fri, 12 Mar 1999 16:57:29 -0800 (PST)
From: Matthew Dillon <dillon@apollo.backplane.com>
Message-Id: <199903130057.QAA81482@apollo.backplane.com>
To: Archie Cobbs <archie@whistle.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: disapointing security architecture
References:  <199903121836.KAA30503@bubba.whistle.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

:
:I'm not talking about certification, just hiring somebody to blast
:a box with garbage packets, run SATAN, etc. and report what they find.
:
:-Archie
:___________________________________________________________________________
:Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com

    I don't see it as being worth it.  It could be tens of thousands of 
    dollars with nothing to show for it at the end.   If we do any sort of
    official security audit, it must work towards something tangible that
    we can use as a marketing tool.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message