Eric Murray writes:
> Dr. Frederick B. Cohen wrote:
> >
> > The real question is whether the good guys will get the release before
> > the bad guys and how you tell them apart.
> how would you be able to tell 'good sysadmin' from 'bad hacker'?
Seems to me that there should be a secure way for an organization
such as CERT to release a tool like this a month or two in advance
to bona fide domain technical contacts, as registered by the InterNIC.
Perhaps something like PGP could be used to verify that the tool
is sent to the correct person and isn't tampered with along the way.
How about this, CERT? InterNIC? Any volunteers?
--
Bob Fillmore, Technical Services Division email: fillmore @
NRCan .
gc .
ca
Information Management Branch, BIX: bfillmore
Natural Resources Canada, Voice: (613) 992-2832
580 Booth St., Ottawa, Ontario, Canada K1A 0E4 FAX: (613) 996-2953
Follow-Ups:
-
Re: SATAN
From: mshaver @
schoolnet .
carleton .
ca (Mike Shaver)
-
Re: SATAN
From: Michael Nelson <mikenel @
netcom .
com>
-
Re: SATAN
From: Carl Jolley <cjolley @
iac .
net>
References:
-
Re: SATAN
From: ericm @
microunity .
com (Eric Murray)
|
|
