You are correct. There is always a possibility of bugs. I normally always log
to a different machine so I have a record of activity that cannot be
erased. My
logging server will not allow a telnet or other network connecting, other than
syslog.
I normally connect from a hardwired serial connection to another system that
is not on the same network. We can then review everything.
As I stated I have not had a chance to really review this, but the concept
is a good one and should be reviewed for implementation. I will go through
it before January 1st and report back to the list my findings (evaluations
only).
Larry
At 01:17 PM 12/23/2000 +1100, Jeremy Lunn wrote:
>On Fri, Dec 22, 2000 at 11:41:23AM -0500, Larry Morrow wrote:
> > I have not gone completely through the site to review it, but based on its
> > stated purpose, it has great merit. TO answer your question, yes there
> > is a point to running it on a firewalled box. Information is key. As a
> > sysadmin
> > you always want to be one step ahead of an attacker. Just having certain
> > ports closed is good, but also knowing when and who is attacking is better.
>
>I like the idea of this thing but what happens if there's a bug in those
>scripts that fakes the vulnerabillities? Then couldn't it just be
>vulnerable too?
>
>--
>Jeremy Lunn
>Melbourne, Australia
>
>
>--
>To UNSUBSCRIBE, email to [EMAIL PROTECTED]
>with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
