Proxy 2.0 secure?
Fri, 26 Jun 1998 23:50:31
At 03:50 PM 6/25/98 -0400, Brian Steele wrote:
>The test covers the security performance of NT-based firewall systems in the
>ideal security environment, I agree. The test do not show how that could be
>expected to perform security-wise if you were moronic enough to leave gaping
>holes in your access mechanism via test accounts, alternate access paths and
>But should they?
>I think we may be mixing up the testing of an application's security control
>mechanisms with a company's security implementation utilizing that
>application. Or looking at it from another direction, if someone implements
>MSP 2.0 and then removes all packet filtering, is this security hole the
>fault of MSP 2.0 or the sysadmin who removed the filters?
I'm sorry if I wasn't clear.
=====[Quote from my mail]=================================================
[just to prevent 'flames', this comment was directed to 'real-world
testing', not to 'is ms proxy 2.0 secure enough?', or "is it sysadmins
fault to have test/nasa account?"]
Information Systems Manager
Siam Relay Ltd.
Fax : +662-272-6516