Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!mcnc!rti!dg-rtp!bigben!bigben!philip From: philip@beeblebrox.dle.dg.com (Philip Gladstone) Newsgroups: comp.protocols.tcp-ip Subject: Re: Reducing the risks when connecting to an internet Message-ID: Date: 27 Nov 90 14:55:26 GMT References: <9011260544.AA01255@ucbvax.Berkeley.EDU> <1990Nov26.101009.9680@cs.columbia.edu> <1990Nov26.151017.2023@hemel.bull.co.uk> Sender: usenet@dle.dg.com (Net News) Organization: Data General, Development Lab Europe Lines: 28 In-Reply-To: pmoore@hemel.bull.co.uk's message of 26 Nov 90 15:10:17 GMT In article <1990Nov26.151017.2023@hemel.bull.co.uk> pmoore@hemel.bull.co.uk (Paul Moore) writes: pmoore> Gosh, I am glad to see somebody making that point, ("security is a host pmoore> problem not a net problem"). Security is both a network and a host problem. The more defences you have, the better protected you are. Compare with a military base (a network). Even though they think that the safe (the host) holding the codebooks is secure, they still don't let you anywhere near it! Similarly, even though the Bank of England beleives that their vaults are secure, they still don't hand out the plans. The other key advantage of network security is that (if the network is organised correctly), all traffic passes through a small number of points. These points can be carefully controlled. Again: I would prefer that the Bank of England control the people entering the Bank, rather than relying solely on the security of the vault. -- Philip Gladstone Dev Lab Europe, Data General, Cambridge, UK Listen three eyes, don't you try and outweird me, I get stranger things that you free with my breakfast cereal.