Re: anti-spam vs network abuse
"andy" == Andy Dills <andy@xecu.net> writes: andy> On 1 Mar 2003, Michael Lamoureux wrote: andy> If you do a good job with your network, probing will have zero andy> affect on you. All the person probing can do (regardless of andy> their intent) is say "Gee, I guess there aren't any andy> vulnerabilities with this network."
This is a completely naive statement. There are 0 networks that I'm willing to believe have 0 vulnerabilities on them. There may be 0 that you know about, but that doesn't mean there aren't more vulnerabilities which aren't public knowledge lurking in sendmail or bind or ssh or ssl or apache or any number of other services you have running.
andy> My statement is as naive as yours is ridiculous. andy> You're telling me your IDS systems tell you when there is a new andy> vulnerabilitiy, before you see it on bugtraq? I've read my statement quite a few times, and I can't see where I even implied that. andy> So, since I'm so naive, No no no...I never said that YOU were naive. I said the statement that if you've done a good job, all the prober can do is say that there aren't any vulnerabilities on your network was naive. Your own argument supports what I said. My whole point was that no matter how good a job you do, you probably are still vulnerable to something. andy> You realize that scanning happens after exploits get published, andy> not before. I don't even make the assumption that all exploits ever get published. andy> My network is as secure as it can be, which IS NOT the same as andy> "My network is invulnerable". Exactly. andy> Don't put words into my mouth simply so you can call them naive. I'm not 100% sure where I did this, but I completely apologize if I have. IMHO, Michael
participants (1)
-
Michael Lamoureux