I'm not sure I get your point.
In the event of a security breach due to a failure or a
misconfiguration, it doesn't matter to the organization at the time
how it was compromised, only that it was. They will certainly want
to fix whatever happened after the fact, but during a compromise
it's largely irrelevant where fault lies.
As a consultant, I've worked in dozens of organizations (many
fortune 500) and I have yet to find one whose change control
procedures were so good they could always guarantee no
inappropriate changes ever occurred. (I doubt such an organization
exists)
The point I was making is that given the unpredictability of human
nature (i.e. people make mistakes) and bugginess of all software,
the less configuration/software you have to rely on for your security
the better.
Do you disagree based on the idea that you can blame someone
when a problem occurs? While it may be nice to know you can
point a finger at someone when there are problems, I believe its
better to eliminate the source of the problem to begin with.
-Kent
On 9 May 2001, at 2:40, Jacques Atlas wrote:
> hi
>
> On Tue, 8 May 2001, [EMAIL PROTECTED] wrote:
>
> |event of just the right failure/misconfiguration, someone could
> |theoretically re-configure the switch to do bad things.
>
> failure or misconfiguration has a direct fault which has to do with
> the owner.
>
> the switch doing something which people do not expect it to is the
> venders fault.
>
> --
> jacques
> FAQ, list archives, and subscription info:
> http://www.groupstudy.com/list/cisco.html Report misconduct and
> Nondisclosure violations to [EMAIL PROTECTED]
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=3814&t=3666
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
