[funsec] quick OT thought

RandallMan randallm at fidmail.com
Thu Apr 17 14:05:39 CDT 2008


On Thu, Apr 17, 2008 at 1:03 PM, <Valdis.Kletnieks at vt.edu> wrote:

> On Thu, 17 Apr 2008 12:39:01 CDT, RandallMan said:
>
> > Have been refreshing myself on CEH and CISSP studies. Looking over the
> OSI
> > model I noticed that all layers have been hacked! Perhaps its time for
> > another layer:
> > THE SECURE LAYER-LAYER 8. Perhaps this would fit true with a "layered"
> > approach to security.
>
> On the other hand, implementing security at Layer 8 almost guarantees that
> it's
> a "bolt on after the fact".  Also, "defense in depth" (which is what you
> probably *mean* by "layered" - multiple security layers) suggests that
> there
> should be components at all 7 layers.  Everything from "Do it via copper
> rather
> than wireless" (a layer 1 issue) to "Deploy switches/configs that are
> resistant
> to MAC address spoofing" through crypto and other stuff at the higher
> layers...
>
>
Actually, since I am hashing, I think I meant it as that-Secure Layer.
Layered security.
Let in the virtual sense sit under the application. Therefore, as the
"presentation" prepares and sends it better fit the model for security
(sorta goes with the MAC).

In my meddling and thinking it seems there are security implementations
where ever exploits have appeared in the model. Security seems to just
"follow", rather then set the standard by which applications must adhere to.

Of course I guess that's the way it will have to be. Making everything fit a
model is not the real world.

Like I said, just some random OT thoughts.

-- 
RandallMan
----------
It's been a wild ride for sure and it ain't over.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20080417/ab83f223/attachment.htm 


More information about the funsec mailing list