Security Basics mailing list archives

Re: Allowing scanning from home

From: Ghaith Nasrawi <libero () aucegypt edu>
Date: Fri, 29 Oct 2004 03:09:10 +0000

it depends on what kind of devices/platforms you have been deploying,
but you can get false positives/negatives because sometimes you
configure firewalls with rules to deny from specific sources. Thus, you
get false alarms. Also your firewalls might be dropping outbound
traffic. So, you miss the outer interface and have a non-efficient test.

g.


 On Thu, 2004-10-28 at 18:05, ericaldrc51 () netscape net wrote:

What's the group's consensus on allowing security staff to scan the company's external interfaces from their home, to 
get a true external assessment.  I personally don't agree with this for audit and other reasons.  Just looking for 
some other professional viewpoints.  Thx.

__________________________________________________________________
Switch to Netscape Internet Service.
As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register

Netscape. Just the Net You Need.

New! Netscape Toolbar for Internet Explorer
Search from anywhere on the Web and block those annoying pop-ups.
Download now at http://channels.netscape.com/ns/search/install.jsp

Current thread:

Allowing scanning from home ericaldrc51 (Oct 28)
- Re: Allowing scanning from home Donald Voss (Oct 28)
- Re: Allowing scanning from home Brandon Foley (Oct 28)
- Re: Allowing scanning from home Adam Jones (Oct 28)
- Re: Allowing scanning from home mike (Oct 28)
  - Re: Allowing scanning from home Richard Ellis (Oct 29)
- Re: Allowing scanning from home Dan Tesch (Oct 28)
- RE: Allowing scanning from home David Gillett (Oct 28)
- Re: Allowing scanning from home tony tony (Oct 29)
- Re: Allowing scanning from home Ghaith Nasrawi (Oct 29)
- <Possible follow-ups>
- Re: Allowing scanning from home ericaldrc51 (Oct 28)
- RE: Allowing scanning from home ka55ad (Oct 28)
- Re: Allowing scanning from home Will Thornsbury (Oct 29)