On Mon, 24 Mar 2008 09:13:38 -0000, "Petko D. Petkov" said: > Not always. I think complexity is the enemy of security. The simpler > the system is the less chance to screw up, the more secure it is. It > is much easier to secure a single port then a class B network, don't > you think?
Not always - there's a *lot* of /16's out there that the answer is simply "airgap it and be done". On the other hand, trying to actually secure the traffic that wanders by on port 80 is a bitch, given all the XSS bugs and bugs in crappy PHP applications and so on...
pgppI2Fgvxoml.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
