Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



IDS: Re: [IDS] IDS Common Criteria

Re: [IDS] IDS Common Criteria

From: Randy Taylor <gnu_at_charm.net>
Date: Tue, 07 Jan 2003 16:49:53 -0500

*chuckle* I completely missed the "Outside the Government.."
part of Andy's question. My bad. More inline below.

At 04:04 PM 1/7/2003 -0500, Frederick M Avolio wrote:
>Sorry, Randy. To be sure. I was responding directly in context.
>
>Andy asked
>>Outside Government and Military circles where I can see Common Criteria
>>Certification being extremely useful, how valuable is it, ie within the
>>financial sector etc ?
>
>I don't think it is valuable at all. I don't see how it possibly could be for
>government, either. But, to the poor vendor who now has to comply with
>it... yes,
>it is essential.
>
>Perhaps it stimulates the economy. :-)

I'm a member of a private list that often uses the phrase "...or something"
whenever hard-coded dogma (or catma) flies in the face of what most would
perceive as logical, rational, or reasonable. So, to mangle your quote above:

"Perhaps it stimulates the economy...or something." }->

All seriousness aside, there is value in Common Criteria
if it's in nothing more than establishing a baseline evaluation
standard whose results can be used to help folks make decisions
about products in a given category. Hrm. If you run that statement
through Asimov's Language Clarifier, does anything come out the
other side?

I have friends that work in CC testing and eval labs, and they are
all really smart people. Ok, they're a bit bent, but really really smart.
A couple of years ago, I was asked to work with them on the Win2k
CC project. I joined Enterasys instead. At the time, it seemed like
the least painful option. Hindsight is always 20-20, isn't it?

Guess what I got tapped to do just before I left Enterasys? Jump-start the
CC process for Dragon. The Universe is a very strange place. It folds back
on itself at the most inconvenient times. Most of what I had to say about
that before I left usually started with, "Oh God", or, "Oh crap".

I just ran all of the CC documentation through Mr. Asimov's device. I was
curious to see what the result would be. Here it is:

"There is no escape from Common Criteria. Resistance is futile. You will
be assimilated. Now shut up and get your paperwork together. And have
a nice day...or something."

See?

>Fred

Randy

-----
"Nor does it do anything to make lemons bigger or encourage owls to explode."
   --- MartinG on /. ---
Received on Jan 07 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]