lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0312010952420.23466-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: automated vulnerability testing

On Sun, 30 Nov 2003, Jonathan A. Zdziarski wrote:

>
> > Aren't such measures -- especially the former -- simply crutches that
> > effectively _encourage_ the continuation of poor (even downright
> > negligent) programming practices?
>
> Only to the extent that TCP wrappers and firewalls are simply crutches
> to effectively encourage the continuation of poor systems
> administration.
>
>

Quite a flaw in logic there, I'm sure you meant;

Only to the extent that TCP wrappers and firewalls are simply crutches
to effectively encourage the continuation of poor systems networking
protocols that already exist.


Being that the flaws are inherent to the network protocols in use.  Admins
have long known how to lock a system down, and keep it that way, remove
all users and limit access and functionality.  That tends to make the
system far less then useful.  But, the core issue lies with the networking
protocools that are meant to make iintersystem communications actually
happen.  There was no security within their design, security was the
lowest factor in the developers mind at the time.  And of course a rewrite
of all that code and then pushing that to the internet-citezenry at large
would be fairly daunting eh?  Look how well the conversion from ssh1 to
ssh2 has progressed...


Thanks,

Ron DuFresne


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ