On 7/27/05, Chris Kuethe <[EMAIL PROTECTED]> wrote: > On 7/26/05, Siju George <[EMAIL PROTECTED]> wrote: > > On 7/26/05, Bruno Delbono <[EMAIL PROTECTED]> wrote: > > > +++ Siju George [Tue Jul 26, 2005 at 10:18:56AM +0530]: > > > > > > > how much truth is actually in this article??? > > > > > > It makes a lot of sense and is right on. What I take out of this article > > > is > > > that having one single firewall (can be any type: network, application > > > etc.) > > > at the perimeter doesn't stop hackers. > > > > > > I don't see what really alarmed you? > > > > > > > Thanks for the reply Bruno. Just the thing whether this is the current > > trend. eliminating firewalls and going for an alternative like he > > mentioned? > > You completely missed the point. > > The point was that the "crunchy on the outside, chewy on the inside" > security model is wrong. A single perimeter firewall tends to allow > the inside network to be woefully unsecure and this is something to be > avoided. Or, put another way, the single greatest failing of a > firewall is that it allows people to continue behaving unsafely. > > Think about it: if every host you control is set up to survive contact > with an evil host, then it doesn't matter much if someone out there > tries to break in, or someone brings in a virus-laden laptop or > whatever else. So maybe the elimination of "the firewall" is a > worthwhile pursuit so long as you keep an eye toward properly bolting > down your empire. >
Yes :-( Thankyou so much :-) kind regards Siju > CK > > -- > GDB has a 'break' feature; why doesn't it have 'fix' too?