Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem )

From: Adam Shostack <adam () homeport org>
Date: Thu, 22 Aug 2002 19:49:12 -0400
On Thu, Aug 22, 2002 at 12:32:24PM -0400, B. Scott Harroff wrote:
| In my humble opinion, corporate security people not authenticing and
| filtering/monitoring traffic heading off the corporate network is a like
| airport personel not verifying individuals identities who are on an outbound
| airplane, or checking what they are carrying.  99.99% of the time nothing
| happens, that last 1% can be very painful though.

This is one of my pet peeves: Verifying my identity wasn't what was
needed, verifying that I don't have hostile intent was.  Today, the
verification that I'm without weapons is probably sufficient, given
that passengers are likely to fight, expecting to die anyway.  Then
there's the question of were weapons left aboard for you, but thats
incidental:   You could answer the question as well with passengers 
who are anonymous.

And incidentally, your math is off by two orders of magnitude. ;)

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
                                                       -Hume


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: