It's a decade and a half since I studied a security masters, but I seem to recall Someone Who Knew saying approximately this: in the vast sweep of history, it hasn't tended to be the technology that's failed (unless it's laughably weak in the first place), but the humans handling the technology. If we assume the worst case about the RSA hack, that a big file full of token serial numbers, shared secrets and end-customer details went missing, then this is a human failing. That is, some dumbass probably left that lot online and connected to the network rather than offline. Agree with other commentary too, that their handing of the entire incident has been shocking. If you say nothing, people assume the worst. If you tell people that it's happened, how is this different, aside from demonstrating that customers' interests come first? Duh.

Replying to my own post - found current working links:- http://old.tel.fer.hr/imunes/ is the project homepage. This link - ftp://borg.uu3.net/pub/archive/imunes/pdf/zec-mikuc-04.pdf - talks about the network stack magic they use.

I've used something called Imunes in the past with great success. It runs on FreeBSD as I recall, and is the output from an academic project somewhere. It will run happily in vmware, interacting perfectly with vmware virtual switches and physical NICs in your machine. You can create hubs, switches, routers and hosts inside the environment, hook them up with point to point links, set bandwitdth and loss parameters on those links, etc. Routers can do bgp and ospf via OSS implementations (zebra/quagga). The genius of the whole thing is that the network stack is magically instantiated per-process: thus, when you have a simulated host in your setup, it actually just manifests itself as a shell window. You can use ping, traceroute, run apache, or firefox, and it will be bound to the exact bit of the virtual network you expect it to be. With imunes, I've simulated a complete wide area network, complete with simple bgp, checkpoint secureplatform firewalls (in vmware on the same box), and an imunes host at each site. I was able to run traffic end to end over encrypted vpn tunnels from one secureplatform protected imunes host to another. One of my firewalls was a physical box, hooked in via a crossover cable. Warning: it *will* warp your mind doing this stuff in vmware... E.g. Em0 in Imunes is eth0 as presented to the vmware guest which is vmnet1 which is eth2 on my host OS. I recommend a multiple-interfaced physical machine for sanity's sake.