Bugtraq mailing list archives
RE: Local versus remote security holes
From: David Brodbeck <DavidB () mail interclean com>
Date: Wed, 22 Dec 2004 15:59:12 -0500
-----Original Message----- From: Adam Shostack [mailto:adam () homeport org]
There is a rough standard for what local and remote mean. The standard may not be as precise as you'd like. Using old terms with new definitions doesn't advance the debate, it generates confusion. This is especially the case when you haven't rigorously defined the proposed new meanings of the terms.
I think all this conversation is doing is showing that the terms 'local' and 'remote' are vague and maybe not terribly useful anymore.
I've long advocated 'credentialed' to refer to attacks where a user of the system can execute the attack, and 'anonymous' or 'non-credentialed' to refer to refer to attacks on servers, such as httpd, ftpd, or named. These attacks can be launched by anyone, from anywhere (barring interference from firewalls or the like).
That'd be a good start. In most cases what people really want to know when they look at 'remote' or 'local' attacks is whether any random person on the Internet can execute the attack, or whether they only have to worry about their own users. This is especially true at small sites where if a local user acts up, the sysadmin can just go dope slap them. ;) I take it under your system, the NASM vulnerability would be considered "credentialed"?
Current thread:
- Local versus remote security holes D. J. Bernstein (Dec 22)
- Re: Local versus remote security holes Adam Shostack (Dec 22)
- stick with "anonymous" or "authenticated" when describing attacks Jonathan G. Lampe (Dec 22)
- <Possible follow-ups>
- RE: Local versus remote security holes David Brodbeck (Dec 23)
- Re: Local versus remote security holes Adam Shostack (Dec 22)