[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: I thought everyone would be interested in this

You are correct.  There is always a possibility of bugs.  I normally always log
to a different machine so I have a record of activity that cannot be erased. My 
logging server will not allow a telnet or other network connecting, other than
syslog.

I normally connect from a hardwired serial connection to another system that
is not on the same network.  We can then review everything.

As I stated I have not had a chance to really review this, but the concept
is a good one and should be reviewed for implementation.  I will go through
it before January 1st and report back to the list my findings (evaluations only). 

Larry

At 01:17 PM 12/23/2000 +1100, Jeremy Lunn wrote:

On Fri, Dec 22, 2000 at 11:41:23AM -0500, Larry Morrow wrote:
> I have not gone completely through the site to review it, but based on its
> stated purpose, it has great merit.  TO answer your question, yes there
> is a point to running it on a firewalled box.  Information is key.  As a
> sysadmin
> you always want to be one step ahead of an attacker.  Just having certain
> ports closed is good, but also knowing when and who is attacking is better.

I like the idea of this thing but what happens if there's a bug in those
scripts that fakes the vulnerabillities?  Then couldn't it just be
vulnerable too?

--
Jeremy Lunn
Melbourne, Australia


--
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: