Firewall Wizards mailing list archives

Re: Penetration testing via shrinkware


From: Christopher Nicholls <chrisn () softway com au>
Date: Sun, 20 Sep 1998 06:47:08 +1000

At 12:44 AM 18/09/98 -0700, Crispin Cowan wrote:
> tqbf () pobox com wrote:
>
>>> person/company for the job... Problem is, which tools and which people do
>>> you trust? Sounds like the subject of certification and accreditation comes
>>> back into play...
>>
>> Scanners are probably much easier to certify than firewalls (which
>> probably can't be meaningfully certified at all).
>
> I beg to differ.  A firewall can at least theoretically be verified:  if it is
> formally proven to enforce a policy of (say) allowing through traffic on ports X
> and Y, and no others, then the firewall is verified.  A scanner, on the other
> hand, can never be verified, because the potential list of vulnerabilities that
> it could reasonably be expected to check for is infinite.  Scanners can never be
> complete, because the space of possible mis-configurations and buggy software
> knows no bounds.

True, but the same can be said for firewalls, in that there are always new
attack mechanisms being developed to defeat firewalls; so in a sense they
are never complete either. Certification of firewalls is usually
assurance-based; that is, verified to levels of assurance - such as the
Common-Criteria evaluations. This means that basically the certification
procedure checks and confirms what the manufacturers claim it can do -
a security target. Maybe it would be possible to set a similar security
target for intrusion detection software and scanner software too?

Regards

Christopher
----------------------------------------------------------------------
Christopher A. Nicholls
----------------------------------------------------------------------
Softway Pty Ltd  ACN: 002 726 641 
Canberra Branch Office: Suite 1.3, Dickson Park Professional Centre
151 Cowper Street, Dickson  ACT  2602
PO Box 923,  Dickson  ACT  2602
Ph:    +61 2 6257 0666  
Fax:  +61 2 6257 0665   E-mail: chrisn () softway com au
Mob: 0411 454 755       WWW:    http://www.softway.com.au
---------------------------------------------------------------------------


