From owner-nanog@merit.edu Wed Aug 3 09:07:20 2005 To: Michael.Dillon@btradianz.com Cc: nanog@merit.edu Subject: Re: Your router/switch may be less secure than you think From: "Robert E.Seastrom" <rs@seastrom.com> Date: Wed, 03 Aug 2005 09:58:53 -0400
Michael.Dillon@btradianz.com writes:
We should all be looking to the security auditing work done by the OpenBSD team for an example of how systems can be cleaned up, fixed, and locked down if there is a will to do so.
Beer, unsupported assertions, and lack of rigorous audit methodology can be blended together to make one's code more secure?
That would seem to depend on the quality of the code _before_ the blending, no? As well as getting the proportions in the blend "just right". *grin* Seriously, _any_ approach "can" result in better/more secure code. It all depends on exactly _what_ is done. Some approaches for identifying and/or eliminating "problems" are more efficient and/or more effective than are alternative means. This does -not- mean that those are the "only" ways to get things done. Now, the _liklihood_ that any given approach "willresult in better/more secure code -- *that* is an entirely different question. :)