Firewalls: Re: SATAN

Firewalls
(March 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: SATAN
From:	Carl Jolley <cjolley @ iac . net>
Date:	Wed, 22 Mar 1995 19:44:46 -0500 (EST)
To:	Bob Fillmore 992-2832 <fillmore @ emr . ca>
Cc:	Eric Murray <ericm @ microunity . com>, fc @ all . net, firewalls @ GreatCircle . COM
In-reply-to:	<9503222342 . AA27416 @ emr1 . emr . ca>

This is probably the most naive thing I've heard or read all day.
Do you really believe that releasing something like this through
CERT or the InterNIC would keep it of the hands of the "bad guys"?
Do you think that being a technical contact or an administrative
contact in the InterNIC database means such a person is "a good guy"?

It doesn't matter anyway. Dan Farmer has said what he's going to do and
based on what I've read, nothing can stop him. He is on a "holy mission"
and any and all consequences that may, and probably will result from what
he is going to do, be damned.  In my opinion, he has no fear that several
$100 millions of civil law suits will be filed against him about the
second week of April nor does he care that people may die as a result of
what he does. I get the impression that to him, his point and his
"mission" are more important. I doubt that he even knows the meaning of
phrases like "proximal cause" and "vicarious liability". But I bet the
legal staff at SGI does. 

**** cjolley @
 iac .
 net <Carl Jolley>
**** All opinions are my own and not necessarily those of my employer ****

On Wed, 22 Mar 1995, Bob Fillmore 992-2832 wrote:

> Eric Murray writes:
> 
> > Dr. Frederick B. Cohen wrote:
> > > 
> > > The real question is whether the good guys will get the release before
> > > the bad guys and how you tell them apart.
> 
> > how would you be able to tell 'good sysadmin' from 'bad hacker'?
> 
> Seems to me that there should be a secure way for an organization 
> such as CERT to release a tool like this a month or two in advance
> to bona fide domain technical contacts, as registered by the InterNIC.
> Perhaps something like PGP could be used to verify that the tool
> is sent to the correct person and isn't tampered with along the way.
> How about this, CERT? InterNIC?  Any volunteers?
> 
> -- 
> Bob Fillmore, Technical Services Division          email: fillmore @
 NRCan .
 gc .
 ca
>   Information Management Branch,                   BIX:   bfillmore      
>   Natural Resources Canada,                        Voice: (613) 992-2832
>   580 Booth St., Ottawa, Ontario, Canada  K1A 0E4  FAX:   (613) 996-2953    
>

Follow-Ups:

Re: SATAN
From: Alan Hannan <alan @ mid . net>
Re: SATAN
From: fc @ all . net (Dr. Frederick B. Cohen)
Re: SATAN
From: ericm @ microunity . com (Eric Murray)

References:

Re: SATAN
From: fillmore @ emr . ca (Bob Fillmore 992-2832)

Indexed By Date	Previous:	Re: IP spoofing From: adthomas @ hazel . Read . TASC . COM (Anthony D. Thomas)
Indexed By Date	Next:	Re: SATAN From: Michael Nelson <mikenel @ netcom . com>
Indexed By Thread	Previous:	Re: SATAN From: fillmore @ emr . ca (Bob Fillmore 992-2832)
Indexed By Thread	Next:	Re: SATAN From: ericm @ microunity . com (Eric Murray)