[428] in Intrusion Detection Systems
Re: some thoughts
daemon@ATHENA.MIT.EDU (giorgos adamopoulos)
Thu Nov 23 09:11:56 1995
From: giorgos adamopoulos <el90118@central.ntua.gr>
To: ids@uow.edu.au
Date: Tue, 21 Nov 1995 21:36:15 +0200 (EET)
In-Reply-To: <Pine.LNX.3.91.951120113241.18717A-100000@bach.cis.temple.edu> from
"Alexander O. Yuriev" at Nov 20, 95 11:42:00 am
Reply-To: ids@uow.edu.au
> Hi,
> [...]
I'll skip this, as I've not been at an SA conference, so I can't judge...
> Why do we trust our vendors when they say that their systems are
> secure? What are the checks that we perform before we bring a system onto
> the network? Do we perform them at all or do we just blindly assume that
> if there is no patch out there, there is no problem? Is it that we do not
> want to bother with it or is it that we do not know where to look?
> I would appreciate your comments...
I think true professionals do not trust marketing bells. Depending on the
machine one wants to hook on the Net, there exists a wide range of FAQs,
HOWTOs, admin lists which can help to make a system `adequately' (i.e. for
the casual cracker) secure. One is able to assume that one is secure from
previous bugs; bugs will always come in the future. S/W complexity
increases bugginess (don't remember where I've read it).
I think we all know where to look, from newbies (like me) to the highly
experienced. Those who seek, discover (and the crackers too ;-).
--
giorgos adamopoulos (el90118@central.ntua.gr)
``We who are not as others'' -- Sepultura.