Date: Mon, 26 Nov 2001 00:19:31 -0800 From: "Crist J. Clark" <cristjc@earthlink.net> To: Andre Hall <ahall@pcgameauthority.com> Cc: myraq@mgm51.com, G Brehm <gbbrehm@yahoo.com>, security@FreeBSD.ORG Subject: Re: Best security topology for FreeBSD Message-ID: <20011126001931.D222@gohan.cjclark.org> In-Reply-To: <002801c17564$1b5e2a60$060aa8c0@pcgameauthority.com>; from ahall@pcgameauthority.com on Sat, Nov 24, 2001 at 07:48:55PM -0800 References: <20011125013812.9839.qmail@web10106.mail.yahoo.com> <200111242124560932.023F3386@home.24cl.com> <002801c17564$1b5e2a60$060aa8c0@pcgameauthority.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 24, 2001 at 07:48:55PM -0800, Andre Hall wrote: [snip] > There is a reason why most security industry has > stuck with the approach, Because it is cheaper and easier to do as a "drop in" solution. > it is practical It is actually harder to properly configure. However, the fact many vendors cater to the market has made the "knowledge base" on the design fairly deep. > and a fool proof It is far, far from fool proof. Security is never fool proof. > way of guarding > internal assets while provided the necessary exposures to services others > need to access. I do agree that for small sites it may not make sense to devote the resources to the stronger, layered design. Security is never absolute. It is always balanced against cost. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011126001931.D222>