gilles at gravier.org
Mon Jan 19 11:36:20 UTC 2009
Steve Lamb wrote:
> Gilles Gravier wrote:
>> Rather than add an additional layer (knockd) I chose strong
>> authentication. Each situation has several possible ways to address it.
>> I'm not saying knockd is BAD. I'm just saying it's not the ultimate
>> silver bullet that you seem to imply here.
> I never said it was. I am saying it is quantifiably better than leaving
> the port open to all comers all of the time.
So you close your port 80 when not receiving HTTP requests either?
>> That phrase is formulated like if you were a teen-ager. Decades of
>> security... Hum. I was hacking at systems back in 1986. Were you born
> Ah, pulling the ol' "I'm older than you, boy" argument. Nice. 86, hm?
> Yeah, you could say I was born by then.
Good. You just didn't sound like it.
>> I'm a CISSP. Are you?
> Better question is did you actually learn anything or just memorize enough
> to pass the test so you can wave it around when you're caught spouting off
It's my daily job... it seems that most of my customers seem to consider
me good at it. CISSP came from more than 14 years doing security as a
formalization of such... not as, for many, a "I learn the book during a
week of training then I take the test.".
And by the way... you keep your CISSP certification year over year by
practicing security and not by just paying your fees.
Everybody has a different approach.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-users