[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CONTENT DECISION: Presence of Services or Applications (SA)

>Let's say that I am one of your customers. Let's say my
>policy states that finger should not be running on any
>of my boundary machines.  Let's say your scanner determines
>that finger is, in fact, running on one of my boundary machines.
>Question:  Has your scanner just identified a vulnerability
>on my system?

No it's not a vulnerability, it's a policy violation, and no I don't admit
that vulnerabilities  can be understood independently of policy.  The
vulnerability is what allowed someone to get finger to run on your system,
because your policy is to not have finger running.  Finger running is just
the result of the attack, the symptom if you will that something else is
amiss in your system.

Microsoft Windows is also a way of thinking - or not thinking, to be more
-- RA Downes  Radsoft Laboratories

Page Last Updated or Reviewed: May 22, 2007