[Full-Disclosure] Re: Gates: 'You don't need perfect code' for good security

[Peter Moody]

> First, firewalling and patching can not in fact shield networks from
> all of the impact of worms and viruses. Ask any experienced network
> admin. There will always be users who bring into a firewalled network
> a laptop that was, for example, infected at home. Once that infected
> laptop is connected to the enterprise, the firewall is irrelevant.

Host based firewalling will take care of this.  I don't care who you are
or where I am, but my computer is my "crown jewel" and I'm not going to
let any packet touch it that I don't want touching it.  I'm pretty sure
that's what Gates was talking about; if you click on the "secure your pc
1-2-3" link on any of the ms.com webpages, their suggestion is to turn
on the host-based firewall.  There's no mention of dropping money for a
cisco pix or nokia/checkpoint solution.

-Peter

-- 
Peter Moody                             <peter at ucsc.edu>
Information Security Administrator      831/459.5409
Communications and Technology Services. http://mustard.ucsc.edu/pubkey
UC, Santa Cruz.
:wq
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031031/7a57320d/attachment.bin