Meeting topic - security test
steve doerr
sdoerr at qni.com
Sat Mar 25 03:19:43 CST 2000
"M. Osten" wrote:
> I'm not saying that you *shouldn't* portscan your own
> machine, you should. What I am saying is that tools such as "Saint" and
> the proposed portscan-o-rama of a webpage do not really help anyone with
> the understanding of what's going on with their box.
I didn't propose a port scan web page, and specifically said that anyone
willing to do something like this should reply w/ the results to the requester
alone. It would be stupid to post the results of a scan to a public list.
But, I've got a better idea about how to do something like this.
If someone wants an outside security check, they could just post a generic
message like, "Could someone review my security" to the list. Then anyone who
had the time and ability to poke around on their system could contact them off
the list, and make arrangements to be online at the same time and look at their
system from outside. Then they could tell them what they should look into and
why (off list).
I've reviewed my services and their configuration, and am comfortable with
them, but would like the input of others who know more about it than myself.
Maybe other list members would appreciate this also.
Steve
More information about the Kclug
mailing list