Re: Allowing scanning from home

From: xyberpix (xyberpix_at_xyberpix.com)
Date: 10/30/04

  • Next message: Javier Blanque: "Re: Defense in Depth"
    To: Donald Voss <voss@albany.edu>
    Date: Sat, 30 Oct 2004 22:06:36 +0100
    
    
    

    I would say that a thorough inspection of the host network that's going
    to be doing the scanning should be done. That's what we do at our place,
    in regard to employee's and any itsec contractors that we have in. It
    may be an invasion of privacy, but spoofing an IP addy is a very trivial
    task, and social engineering can lead to a world of wealth.

    Just my 2p's worth.

    xyberpix

    On Thu, 2004-10-28 at 21:33, Donald Voss wrote:
    > Eric,
    >
    > I'm not the group .. but my $.02.
    >
    > Policy, policy, policy, as in your company's.
    >
    > Satisfy that .. or decide one needs to be written and approved.
    >
    > Then .. a get out of jail card .. written .. by supervisor on up if need
    > be with details - names, tools, - maybe a time period .. a report, etc.
    >
    > /don
    >
    >
    > ericaldrc51@netscape.net wrote:
    > > What's the group's consensus on allowing security staff to scan the company's external interfaces from their home, to get a true external assessment. I personally don't agree with this for audit and other reasons. Just looking for some other professional viewpoints. Thx.
    > >
    > > __________________________________________________________________
    > > Switch to Netscape Internet Service.
    > > As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register
    > >
    > > Netscape. Just the Net You Need.
    > >
    > > New! Netscape Toolbar for Internet Explorer
    > > Search from anywhere on the Web and block those annoying pop-ups.
    > > Download now at http://channels.netscape.com/ns/search/install.jsp
    > >

    -- 
    For Security and Open Source news:
    http://xyberpix.demon.co.uk
    
    



  • Next message: Javier Blanque: "Re: Defense in Depth"

    Relevant Pages

    • Re: Allowing scanning from home
      ... Policy, policy, policy, as in your company's. ... > Switch to Netscape Internet Service. ... The University at Albany ...
      (Security-Basics)
    • Re: [Info-ingres] Re: UK IUA agenda?
      ... I think Mike and I kicked SQLJ around a while ago, ... The central assertion is: if your database is a set of assertions of facts about things, best make sure you're talking about the right things. ... Switch to Netscape Internet Service. ...
      (comp.databases.ingres)
    • Re: Time to shut down this list?
      ... Would you be willing to join Joshua Tinnin in supporting such a change ... newbies getting wrong answers. ... Switch to Netscape Internet Service. ...
      (freebsd-newbies)
    • Re: Allowing scanning from home
      ... ISP's connection then that could be considered illegal. ... >Policy, policy, policy, as in your company's. ... >>Switch to Netscape Internet Service. ... >The University at Albany ...
      (Security-Basics)
    • be the first on your block
      ... if you go there,, there is an option "Music Player" on the top that takes you to full length versions of their entire album. ... what i hear is a chris issac -ness, if you took away the campy qualities of chris, putting in instead genuine warmth and sensual empathy. ... Switch to Netscape Internet Service. ...
      (rec.music.gaffa)