Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [ Capture Skype trafic ]
From: Cedric Blancher <blancher () cartel-securite fr>
Date: Sat, 28 Oct 2006 18:28:09 +0200

Le samedi 28 octobre 2006 à 11:53 -0400, gabriel rosenkoetter a écrit :
I don't see how this isn't still an HR problem.

Ressources usage will definitly end-up in HR problem, but that does not
mean you don't have to filter. There are technical means to block
execution of arbitrary applications, as pointed out before, and that's
just an example of what can be done from a technical perspective.
Sometimes, you can consider risk low so you can let education deal with
it for you. Sometimes you can't. I think Skype may induce risks that I
wouldn't let to education alone.

As a more general matter and as you said before, filtering will never
work by itself, but it also applies to education. Education is not
sufficient, or we would have noticed it before. And if users security is
all about HR, and I really don't understand why we put so much
protection around what they do...

PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]