Brian E Carpenter <brc(_at_)zurich(_dot_)ibm(_dot_)com> wrote:
What if your contractor has carefully configured the laptop to
give all the right answers? What if it has already been infected with
a virus that causes it to give all the right answers?
Yes, that's a problem with NEA. No, it's not a problem for many (if
not most) people using NEA.
The people I talk with plan on using NEA to catch the 99% case of a
misconfigured/unknown system that is used by a well-meaning but
perhaps less clueful employee or contractor. The purpose of NEA is to
enhance network security by allowing fewer insecure end hosts in the
network.
No one can prevent a determined attacker from getting in. But by
providing fewer hosts for him to attack, the attacks become less
feasibly, and more visible.
Alan DeKok.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf