Firewalls: Re: L0pht Scanning

Firewalls
(April 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: L0pht Scanning - Beware
From:	James Morris <jmorris @ intercode . com . au>
Date:	Wed, 30 Apr 1997 02:16:51 +0000
To:	Darren Reed <avalon @ coombs . anu . edu . au>
Cc:	Russ <Russ . Cooper @ RC . on . ca>, lists @ reflections . eng . mindspring . net, tep @ sdsc . edu, firewalls @ GreatCircle . COM
In-reply-to:	<199704290818 . BAA01238 @ honor . greatcircle . com>

On Tue, 29 Apr 1997, Darren Reed wrote:

> 
> Hmmm, I still haven't seen a good anology to port scanning.

Perhaps we need to completely drop the analogies and look at computer 
security issues in their own terms, then look at how to address 
generalised issues related to the intent and effect of such actions.

With regard to the latter, the type of questions I'd be asking are:

1) Did the person intend or cause data to be accessed by unauthorised 
persons ?

2) Did the person intend or cause data to be modified (including deletion)
by unauthorised persons.

3) Did the person intend or cause denial of service to authorised users ?

We may never really know a person's intentions, but we should have some 
idea about the effects of their actions with the right tools, procedures 
and people in place.

- James.
--
James Morris
<jmorris @
 intercode .
 com .
 au>
http://www.intercode.com.au/

References:

Re: L0pht Scanning - Beware
From: Darren Reed <avalon @ coombs . anu . edu . au>

Indexed By Date	Previous:	NAT for Solaris 2.5.x From: Eric Dykema <Eric_Dykema @ sdsi . com>
Indexed By Date	Next:	Re: [NTSEC] Re: L0pht Scanning - Beware From: Eric Germann <ekgermann @ cctec . com>
Indexed By Thread	Previous:	Re: L0pht Scanning - Beware From: Darren Reed <avalon @ coombs . anu . edu . au>
Indexed By Thread	Next:	Re[4]: L0pht Scanning - Beware From: rob . holman @ ganda . demon . co . uk