Firewall Wizards mailing list archives
Re: Penetration testing via shrinkware
From: Christopher Nicholls <chrisn () softway com au>
Date: Sun, 20 Sep 1998 06:47:08 +1000
At 12:44 AM 18/09/98 -0700, Crispin Cowan wrote:

tqbf () pobox com wrote:

person/company for the job... Problem is, which tools and which people do you trust? Sounds like the subject of certification and accreditation comes back into play...

Scanners are probably much easier to certify than firewalls (which probably can't be meaningfully certified at all).

I beg to differ. A firewall can at least theoretically be verified: if it is formally proven to enforce a policy of (say) allowing through traffic on ports X and Y, and no others, then the firewall is verified. A scanner, on the other hand, can never be verified, because the potential list of vulnerabilities that it could reasonably be expected to check for is infinite. Scanners can never be complete, because the space of possible mis-configurations and buggy software knows no bounds.

True, but the same can be said for firewalls, in that there are always new attack mechanisms being developed to defeat firewalls; so in a sense they are never complete either. Certification of firewalls is usually assurance-based; that is, verified to levels of assurance - such as the Common-Criteria evaluations. This means that basically the certification procedure checks and confirms what the manufacturers claim it can do - a security target. Maybe it would be possible to set a similar security target for intrusion detection software and scanner software too?

Regards
Christopher

----------------------------------------------------------------------
Christopher A. Nicholls
----------------------------------------------------------------------
Softway Pty Ltd ACN: 002 726 641
Canberra Branch Office:
Suite 1.3, Dickson Park Professional Centre
151 Cowper Street, Dickson ACT 2602
PO Box 923, Dickson ACT 2602
Ph: +61 2 6257 0666
Fax: +61 2 6257 0665
E-mail: chrisn () softway com au
Mob: 0411 454 755
WWW: http://www.softway.com.au
----------------------------------------------------------------------