Posted by Puckdropper on 10/21/07 20:37

Gary L. Burnore <gburnore@databasix.com> wrote in news:ffgb6f$3n6$4
@blackhelicopter.databasix.com:

> On Sun, 21 Oct 2007 14:05:33 -0400, Jerry Stuckle
> <jstucklex@attglobal.net> wrote:
>
>>Gary L. Burnore wrote:
>>> On Sat, 20 Oct 2007 22:05:13 -0400, Jerry Stuckle

*snip*

>>>
>>> Security is about many things of which prevention is one.
>>>
>>
>>No responsible person in the security field will ever claim that.
>
> I'm a responsible person in the security field and I claim that. I've
> been taught that and I teach that. That being that many things make
> up good security. Prevention is one part of security.
>
>
>>
>>There is no such thing as "prevention". That would indicate that
>>something can't happen, which is impossible to do.
>>
>>For instance, banks have been trying to prevent robberies for hundreds
>>of years.
>
>

*snip*

Prevention isn't about 100% prevention, but mainly deterance. With
preventative efforts, you simply try to make it more difficult to get to
your systems. Maybe then the would-be attacker gets bored or frustrated
and gives up.

Prevention isn't the only line of defense, of course. If the attacker
does succeed, you have to try to limit the amount of exposure.

Puckdropper
--
Wise is the man who attempts to answer his question before asking it.

To email me directly, send a message to puckdropper (at) fastmail.fm

[Back to original message]