Firewall Wizards mailing list archives

Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem )


From: Paul Robertson <proberts () patriot net>
Date: Mon, 26 Aug 2002 11:18:47 -0400 (EDT)

On Mon, 26 Aug 2002, B. Scott Harroff wrote:

> Your opinion is it's better to do nothing and let 100% get through than through
> a combination of technology / process / policy that stops 95%?

No, it's my opinion[1] that it's _safer_ from a legal standpoint to do so.  

I'm pretty sure that I saw yet another case in the last couple weeks on 
some list somewhere (Cyberia perhaps) that hinged on this, though it may 
have been in a presentation at a forensics conference I attended week 
before last.  If I had a Lexis account, I'd be 98% sure I'd be able to 
produce actual case citations.

> I think one would be better off showing "intent to protect and missing one
> instance or two" than "doing nothing about a known problem".

Logic would work that way, unfortunately, the law doesn't seem to.

Paul
[1] I'm not a lawyer and I don't play one on the 'Net, but I've had 
extensive discussions about this with real lawyers in real business 
environments.
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

