Open Port Indicator?
Soren Hansen
sh at linux2go.dk
Tue Mar 20 13:57:34 UTC 2007
On Tue, Mar 20, 2007 at 08:57:36AM -0400, Peter Whittaker wrote:
> > > UC3: Fritz is setting up a classroom or other contained
> > > environment,
> > > UC4: Barbara is a security researcher setting up a honeypot.
> >
> > I fail to see why UC[34] would require unauthenticated access.
> In Barbara's case, unauthenticated access is required because she
> *wants* the box to be vulnerable, at least via this vector: She is
> setting up a honeypot, she wants attackers to get in (at least part
> way). Given she's a security researcher, she can probably hack the
> code to do what she wants, so UC4 may be off the table.
It's *so* off the table. We should not make provide any sort of UI for
setting up a honey pot, just like we don't keep vulnerable versions of
e.g. sendmail around. :-)
I see don't particularly object to keeping the option around by way of
gconf. The UI should just not allow it.
--
| Soren Hansen | Linux2Go | http://Linux2Go.dk/ |
| Seniorkonsulent | Lindholmsvej 42, 2. TH | +45 46 90 26 42 |
| sh at linux2go.dk | 9400 Norresundby, Denmark | GPG key: E8BDA4E3 |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20070320/f5c2a3bd/attachment.sig>
More information about the Ubuntu-devel-discuss
mailing list