1999-09-18-06:07:29 Joel Eriksson:
> On Fri, Sep 17, 1999 at 05:25:11PM -0400, Bennett Todd wrote:
> > Perhaps I overstate, it's in my nature I'll admit. But that's the kind of
> > horror you need to fear when casting nmap far and wide. There are boxes out
> > there that will crash when nmap with the right settings casts its gaze their
> > way, and the users of those boxes are _never_ amused when it happens.
>
> In other words, let's wait until some script kiddie scans the network and
> let him take the blame instead. :-) Well, I understand your point of view,
> but boxes that vulnerable shouldn't be connected to any network, or get
> fixed. When _you_ were the one scanning, at least you know what happened..
We each bring our own background to this kind of question.
I've worked in a lot of places that followed the "hard crunchy outside, soft
chewey center" style of computer security; at many large companies, if you're
on the in-house net (and all employees are) you can burgle or crash most of
the machines owned by the company. Any place that uses Windows knows all about
that.
So in-house employees don't take advantage of this setup, or else they get
fired for cause, prosecuted, and sued. The perimeter is far better secured.
I don't claim this is a great model, but it's in use a lot of places. The
original poster's question made me think he was talking about that sort of
place.
-Bennett
Received on Sep 18 1999
Intro
