Re: CONTENT DECISION: Presence of Services or Applications (SA)
>Let's say that I am one of your customers. Let's say my
>policy states that finger should not be running on any
>of my boundary machines. Let's say your scanner determines
>that finger is, in fact, running on one of my boundary machines.
>Question: Has your scanner just identified a vulnerability
>on my system?
No it's not a vulnerability, it's a policy violation, and no I don't admit
that vulnerabilities can be understood independently of policy. The
vulnerability is what allowed someone to get finger to run on your system,
because your policy is to not have finger running. Finger running is just
the result of the attack, the symptom if you will that something else is
amiss in your system.
Microsoft Windows is also a way of thinking - or not thinking, to be more
-- RA Downes Radsoft Laboratories