17 Dec
2003
17 Dec
'03
11:17 p.m.
What we need to concentrate on is secure systems that are not vulnerable to IP spoofing, as opposed to firewalls.
You're exactly right. However, getting people to deploy real security systems is nearly impossible. My company sells a kerberos system, and although everyone is saying they want security, nobody really understands what this means, and as soon as we tell them that it actually involves effort, they become far less interested. Even though I've seen companies get hosed because of lame security, the people who matter aren't willing to commit. I'm hoping that as firewalls begin to fall, that the CERT will stop recommending half-assed solutions. We'll have to wait and see. Marc