For you, yes. ----------------------------------------------------------- "Whitehat by day, booger at night - I'm the security snot." - CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ - -----------------------------------------------------------
On Mon, 22 Sep 2003, Blue Boar wrote: > security snot wrote: > > The "code audit" that you guys did to make sure nothing was backdoored was > > quite thorough too, considering since then remote bugs in Snort have been > > published. If you can't even spot the vulnerable code you introduce into > > your source tree by accident, how can you definitively argue that no one > > else snuck in subtle bugs that you also didn't catch? > > I'm sure it would have been extraordinarily difficult to run 'diff' on > the codebase before the intrusion and the one after, to see if any of > the changes weren't accounted for. > > BB > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
