On Wed, 22 Mar 1995, Bob Fillmore 992-2832 wrote:
> Eric Murray writes:
>
> > Dr. Frederick B. Cohen wrote:
> > >
> > > The real question is whether the good guys will get the release before
> > > the bad guys and how you tell them apart.
>
> > how would you be able to tell 'good sysadmin' from 'bad hacker'?
>
> Seems to me that there should be a secure way for an organization
> such as CERT to release a tool like this a month or two in advance
> to bona fide domain technical contacts, as registered by the InterNIC.
> Perhaps something like PGP could be used to verify that the tool
> is sent to the correct person and isn't tampered with along the way.
> How about this, CERT? InterNIC? Any volunteers?
You cannot assume that just because someone is a domain contact they are
not going to spread the utility for nefarious purposes. Just because
they are listed doesn't necessarily mean they are honest...
-- Mike
--
Michael Nelson (mikenel @
netcom .
com) | Real programmers don't comment their
Rockville, Maryland | code. It was hard to write, it should
Windows NT & Linux Development | be hard to understand.
References:
-
Re: SATAN
From: fillmore @
emr .
ca (Bob Fillmore 992-2832)
|
|
