Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

RE: No Subject (re: openssh exploit code?)
From: "Robert Ahnemann" <rahnemann () affinity-mortgage com>
Date: Tue, 21 Oct 2003 16:21:27 -0500
Hi Robert,

--- Robert Ahnemann <rahnemann () affinity-mortgage com>
wrote:

I flip to the local radar and get some sort of proof
that there might be
a thunderstorm coming.  Talk is cheap (as was said),
so its up to the
admin to verify if A) there is a real threat B) the
threat applies to
your systems C) the threat damage is worth the
damage of 'unscheduled
downtime'

(for the analogy challenged:  radar = some sort of
proof of concept or
something of the likes)


But would you flip to the radar if the local TV
Weatherman told you to seek shelter and bring the kids
in?  I'd go get the kids first.  CERT being the
weatherman in this case..

Cheers,
Matt


Comparing a random subscriber on a full-disclosure list and CERT is
somewhat of a bad comparison, no?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]