Full Disclosure mailing list archives

Re: Publishing exploit code - what is it good for


From: Skip Carter <skip () taygeta com>
Date: Thu, 30 Jun 2005 11:18:52 -0700



I recently had a discussion about the concept of full disclosure with one of 
the top security analysts in a well-known analyst firm. Their claim was that 
companies that release exploit code (like us, but this is also relevant for 
bugtraq, full disclosure, and several security research firms) put users at 
risks while those at risk gain nothing from the release of the exploit.

reluctant. Their claim was that based on their own work experience, a 
security administrator does not have a need for the exploit code itself, and 
the vendor information is enough. The analyst was willing to reconsider their
 

I think it's a question of what the role of the 'security administrator' is within
the enterprise.  If their job is primarily threat evaluation and appropriate
patching/updating in response, then I agree that the publication of an exploit
is not very helpful.  If, however, the job is firewall/IDS management or
incident investigation, then having access to actual exploit code is
extremely valuable to have.



-- 
 Dr. Everett (Skip) Carter           Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Network Security Services   email: skip () taygeta net
 1340 Munras Ave., Suite 314         WWW: http://www.taygeta.net/
 Monterey, CA. 93940            
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/