At 16:44 3/22/95, Michael Nelson wrote:
>On Wed, 22 Mar 1995, Bob Fillmore 992-2832 wrote:
>
>> Eric Murray writes:
>>
>> > Dr. Frederick B. Cohen wrote:
>> > >
>> > > The real question is whether the good guys will get the release before
>> > > the bad guys and how you tell them apart.
>>
>> > how would you be able to tell 'good sysadmin' from 'bad hacker'?
>>
>> Seems to me that there should be a secure way for an organization
>> such as CERT to release a tool like this a month or two in advance
>> to bona fide domain technical contacts, as registered by the InterNIC.
>> Perhaps something like PGP could be used to verify that the tool
>> is sent to the correct person and isn't tampered with along the way.
>> How about this, CERT? InterNIC? Any volunteers?
>
>You cannot assume that just because someone is a domain contact they are
>not going to spread the utility for nefarious purposes. Just because
>they are listed doesn't necessarily mean they are honest...
Drop this discussion, or take it somewhere else. It's come up several times on
Firewalls, and always results in a pointless flamewar.
-Brent
----------------------------------------------------------------------
For info about the Internet Security Firewalls Tutorial and a schedule
of upcoming dates, please send email to Tutorial-Info @
GreatCircle .
COM
----------------------------------------------------------------------
Brent Chapman Great Circle Associates
Brent @
GreatCircle .
COM 1057 West Dana Street
+1 415 962 0841 Mountain View, CA 94041
|
|
