> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 15 August 2000 11:14 AM
> To: Ben Nagy; [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]; Crumrine, Gary L
> Subject: RE: Syslog thru Firewall
>
>
> Ahem..
>
> Gee, a major service provider implemented this in 1996 [snip]
Implemented what? How did they do it? What were the components? You'd think
that, for the sake of your own credibility, you'd be able to present some
detail about one of these solutions you waffle about.
There was no real work done on a secure syslog until fairly recently and no
support for one in a Cisco IOS ever. (the IETF have some work in draft -
Cisco will almost certainly wait for the RFC version).
>
> Here is a hint: If I insert a vague assertion especially to
> you, I assume
> you know more than me
I'll leave that one well alone.
> and therefore will argue whether it can
> be done or
> not. The difference between good infosec engineers and bad
> ones, they
> never say it can't be done.
The difference between good infosec engineers and bad ones is that good ones
actually have some sort of idea what they're talking about. You may be a
good infosec engineer. I invite you to prove it. Just once. C'mon. You know
you want to...
Sure - one _could_ do what you're talking about. You could patch the IOS
binary directly, and implement a kerberised secure syslog variant. Easy.
> Good engineers take the problem,
> solve it
> themselves and then send one liners to some mailing list and
> wait for a
> flame war to begin.. Hmm, wait a minute,.. deja vu.. :)
Flamewar? Well, OK. If you insist.
The way you conduct yourself is consistent with only two theories.
1. You have a vast store of expertise and experience but no skill or
interest in communicating it to the forum. If this is the case, you're not
helping anyone and your inaccurate assertions are almost certainly wasting
the time of those who can't instantly classify them as false.
2. You have a surface understanding of a wide range of areas and a large
store of industry contacts but no real depth and you survive detailed
technical questioning with bluff and misdirection.
>
> Cheers and jeers
>
> /m
Cheers,
--
Ben Nagy
Network Consultant, Volante Solutions
PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
