Re: RE:[fw-wiz] Vulnerability Scanners ( was: concerning ~el8 / project mayhem )
From: Dave Piscitello (dave@corecom.com)
Date: 08/25/02
- Next message: scouser@paradise.net.nz: "[fw-wiz] Firewall-1 NG"
- Previous message: R. DuFresne: "Re: RE:[fw-wiz] Vulnerability Scanners ( was: concerning ~el8 / project mayhem )"
- In reply to: B. Scott Harroff: "Re: RE:[fw-wiz] Vulnerability Scanners ( was: concerning ~el8 / project mayhem )"
- Next in thread: B. Scott Harroff: "Re: RE:[fw-wiz] Vulnerability Scanners ( was: concerning ~el8 / project mayhem )"
- Reply: B. Scott Harroff: "Re: RE:[fw-wiz] Vulnerability Scanners ( was: concerning ~el8 / project mayhem )"
- Reply: Paul D. Robertson: "Re: RE:[fw-wiz] Vulnerability Scanners ( was: concerning ~el8 / project mayhem )"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Dave Piscitello <dave@corecom.com> To: firewall-wizards@honor.icsalabs.com Date: Sun Aug 25 10:23:01 2002
> In my humble opinion, corporate security people not authenticating and
> filtering/monitoring traffic heading off the corporate network is like
> airport personnel not verifying the identities of individuals who are on an outbound
> airplane, or checking what they are carrying. 99.99% of the time nothing
> happens, that last 1% can be very painful though.
-------------
>That's when positive
>authentication is necessary. One needs to know it's positively Jane Doe that
>went to the porn site (which is against policy) or it was someone who sat
>down at her authenticated workstation when she walked away without logging
>off (which is against policy) before disciplinary actions are initiated.
You'll need non-repudiable authentication (evidence), as a court of law
would describe.
How would you propose to verify Jim was at Jane's workstation at the time
of the porn site visit?
In addition to "strong authentication" as we define it today, do you
propose cameras? Keyloggers that distinguish typing behavior?
Something that's annoyed me for ages is the distinction that policy
violations conducted through computing and networking are so different from
any other medium. If an employee uses his phone card to dial a phone sex
number during work hours, from a business phone, is it as serious an
offense? (Granted, there's no temporary or long-term cache of the "image"
unless he's taped the conversation.) What about print media and fax
(although I've never heard of fax sex)?
Content inspection is an odd business, and it seems perpetually focused on
computer networking. My point is that I've seen some policies that don't
uniformly treat all media - it's acceptable to have a sexy calendar, but
not to visit Victoria's Secret online, or thumb through PlayBoy during
lunch? I've told folks that such policies are an HR nightmare waiting to
happen.
I wrote a paper a while ago on this subject, but I think it's still
accurate and hopefully relevant
http://www.tisc2002.com/newsletters/211.html
At 02:38 PM 8/23/2002 -0400, B Scott Harroff wrote:
>One needs to know it's positively Jane Doe that
>went to the porn site (which is against policy) or it was someone who sat
>down at her authenticated workstation when she walked away without logging
>off (which is against policy) before disciplinary actions are initiated.
David M. Piscitello
Core Competence, Inc. &
3 Myrtle Bank Lane
Hilton Head, SC 29926
dave@corecom.com
843.689.5595
www.corecom.com