Tom,
CISC did approve changes to the implementation guide that required holes for the
SNS scanners as part of a "correct configuration". Note that the language of the
standard specifies that the firewall configuration must be configured according
to the implementing guidelines. My revision of this page has not been posted to
the SNS site yet, but these changes were approved 4-5 months ago. However, I
assume that we'll be discussing this at our next meeting anyway, so maybe it
won't make it up there at all.
Ryan
On 5/10/2005 7:50 AM, Tom Holub wrote:
> On Tue, May 10, 2005 at 12:36:49AM -0700, Ryan L. Means wrote:
>
>>However, when CISC talked about allowing SNS to scan through host-based
>>firewalls, I believe that we did weigh the risks. There were people on
>>both sides of the issue, but maybe the right arguments weren't made. The
>>standards are designed to be flexible...
>
>
> As far as I recall, CISC didn't decide to require holes for SNS's
> scanning.
>
-- Ryan L. Means Chief Technical Officer School of Law (Boalt Hall) University of California, Berkeley ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.Received on Tue May 10 13:45:11 2005
This archive was generated by hypermail 2.1.8 : Tue May 10 2005 - 13:45:12 PDT