> I think the problem with SATAN is not so much the security threats it
> embodies (those are problems on their own) but the high profile and
> wide distribution it gives to those threats. I'd rather not debate
> "security through obscurity" on the firewalls list. (I'd be glad to
> take up the topic in email.) As a practical matter however, SATAN makes
> firewall manager's lives more difficult by increasing the number of
> unskilled individuals with access to and knowledge of sophisticated
> cracking tools. The net effect will probably be enhanced security in
> the long run, but in the short term I get to worry about a
> proliferation of casual crackers.
Perhaps its just me, but... I think that tools like SATAN, COPS, ISS, et al
are good.. They point out common weakness on your own system, so that you
can fix them.. Sure, in the wrong hands they can be used to break into
a system, but if you secure that system first, then they are useless (hey,
maybe work this into some sorta marketing ploy :)
These tools are going to be created and distributed with or without
public knowledge, it is safer for all that they are spread with public
knowledge, as then you can prepare for the attacks, without public
knowledge you may not know about all the holes that they discover,
but a cracker might..
Just a thought..
|
|
