On Thu, May 12, 2005 at 02:11:08PM -0700, Jake-F Harwood wrote:
>
> seem's like a lot of good info thr out because your worried about having
> the security groups scanner IP spooffed.
First of all, some departments are doing their own, more targeted
scanning. Second, it's a vulnerability, and on shared networks, a
realistic vunerability. (Most of my networks are shared). We
shouldn't be encoding vulnerabilities into policy. Third, who says
we're throwing the info out? Many departments do their own network
scanning.
And the issue isn't just the security hole it creates; it's also the
extra management required to maintain SNS's list of IPs on thousands
of machines.
-- Tom Holub (tom_holub@LS.Berkeley.EDU, 510-642-9069) Director of Computing, College of Letters & Science 249 Campbell Hall <http://LS.berkeley.edu/computing/> ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.Received on Thu May 12 15:54:26 2005
This archive was generated by hypermail 2.1.8 : Thu May 12 2005 - 15:54:26 PDT