Xref: utzoo comp.dcom.lans:2057 comp.protocols.tcp-ip:5625
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!bu-cs!kwe
From: kwe@bu-cs.BU.EDU (kwe@bu-it.bu.edu (Kent W. England))
Newsgroups: comp.dcom.lans,comp.protocols.tcp-ip
Subject: Re: Network Security
Message-ID: <26342@bu-cs.BU.EDU>
Date: 30 Nov 88 22:44:54 GMT
References: <26314@bu-cs.BU.EDU> <1009@asylum.sf.ca.us>
Reply-To: kwe@buit13.bu.edu (Kent England)
Followup-To: comp.dcom.lans
Organization: Boston Univ. Information Tech. Dept.
Lines: 39

In article <1009@asylum.sf.ca.us> romkey@asylum.UUCP (John Romkey) writes:
>In article <26314@bu-cs.BU.EDU> kwe@bu-cs.BU.EDU (kwe@bu-it.bu.edu (Kent W. England)) writes:
>> Networks are secure when they operate properly.
>
>I'm going to pick a nit.
>
>You're automagically defining what "operate properly" means here. I
>don't think it's a truism that a network that operates properly is
>secure...
>
>A network that is conformant with current TCP/IP specifications is not
>necessarily secure but does operate properly.
>--

That's no nit, that's a whole difference of opinion. Or, we have a difference of semantics at the very least.

I really do mean to say that the "network" is secure when it routes packets properly. Of course, the network applications, like telnet, ftp, smtp are not secure at all simply because the network routes packets properly. I mean that if the network is routing properly, that further efforts to secure the applications running on the network should focus above the transport level.

Some people would argue that networks ought to implement access control filters as a means of securing applications that use the network. I think this is ineffective and misguided.

Some people think that networks ought to be shut down when applications come under attack, like what is happening with the ftpd bug on milnet right now and what happened this November with the virus attack. I think that this is inappropriate.

Our networks have security risks right now. We need to address these routing and network management issues. But when it comes to addressing password cracking and handling ongoing attacks, we should be focusing on areas other than transport and routing.

Perhaps we agree after all? Certainly my one line statement needed some amplification.