> -----Original Message----- > From: Ron DuFresne [mailto:[EMAIL PROTECTED]] > Sent: Friday, April 19, 2002 08:48 > To: Noonan, Wesley > Cc: 'Ben Nagy'; [EMAIL PROTECTED] > Subject: RE: VLANs and security... was RE: Cisco IDS > > On Mon, 15 Apr 2002, Noonan, Wesley wrote: > > > > > position that seems to be so prevalent on this list. I think it is bad > > practice to make such blanket generalizations. > > > > The reference to "how often does it appear on BugTraq" translates pretty > much to: look at the historical evidence.
Sure, I still don't think a blanket "VLANs bad" statement is wise. > > Security policies and practices that prevent business are BAD. > > > > FUD! The company does no business if their security does not protect > their interests/assets. Absolutely not!!!!!! Having the best security in the world, such that it prevents business is much, much worse. Why? Because the company with no security can still make money in many cases. If security stops business, the company can't make money. Far too many security professionals seem to function in a bubble. They fail to see the correlation between security and making money, and they fail to realize that they have to balance the needs of security against the requirement to make money, and find the most secure position they can have, while still not precluding or preventing the ability to make money. It's a tightrope walk and a balancing act, which is why the folks who can walk that rope and strike that balance are so valuable. > > Agreed. Again, this is the point that I was trying to make. It's not > cookie > > cutter. There are a LOT of variables to weigh, and I just think it is > bad > > practice to make statements like I have seen from others on this list. > > > > So it's better to just what? say and do nothing and consider nothing in > an evaluation/assesment of a product/potential implimentation? Folks come Not present opinion as fact? To try not to take "extremist" positions, and then propagate those positions. > to this list to ask others to share theit knowledge and experience. This > is what Paul and others have done, and you mostly just decided Paul's > style in approcahing this was FUD. Do consider, in a busy day, when folks Yes, I do. I think much of the validity in his position was lost in the delivery. > reply to e-mails here and elsewhere their 'style' differs greatly to that > one might see/percieve when addressing them face up and vocally. I'm sure > Paul is a busy man, and tries to share as quickly as possible those > momnets he can to prvoviding help and knowledge gained throughout the > years to others freely here. As do others, I'm sure this is pretty much > the same with you. Wow, I think this is as close as you have come to actually acknowledging that I might well be able to differentiate between my ass and a hole in the ground without need of a map... <g> > Afterall, how many folks get paid to spend time on > this and the other lists they contribute to? I can say, I often find > great humor, as well as insight in Paul's style here <smile>. And have a No doubt. As have I. I just think that he was a little "off" on this particular topic. > few times busted a gut and spewed some coffee about the monitor and > keyboard while gaining some valuable information. Now, if I do not > understand what he's saying, or require deeper clarification of points > he's jotting out here quickly, whose responsibility is it for me to gain > deeper insight? For some reason, you assume that I need "deeper clarification"? No doubt, learning is the responsibility of the learner. > Is it not *my* obligation to request claification and > edification? Sure, however if one is going to be as so bold as to make a statement, particularly of a technical nature on a technical list, then they should probably be ready and able to clarify it if requested. > In like token, if his style does so bug me that I go on a > rant each time he gives advise, whose responsibility is it for me to hit > delete when seeing his name on a post or just killfile his responses so as > to save my attitude for the rest of the day? If everything Paul said bothered me that much, maybe I would. However, while you still *do not know me*, those who do could certainly tell you that I don't believe in that. I am not willing to lose the volumes of insight that Paul, or anyone else, can provide simply because I "don't like his style". Besides, AFAIC, this is really more specific to this single topic, hardly a style, which is a bit of a pet peeve for me. Wes _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
