Joep Vesseur wrote:
> Interesting case... At first I thought it was April 1st already, but I guess
> we'll see more tools like this appearing as familiarity cases (NFS-shell
> anyone?)
>
> I realize that any user can install this software by downloading and
> compiling, but I'm left with two questions when it's present out of the box:
>
>  - what privileges are needed by this software? Can any regular user run this
>    and, perhaps accidentally, create havoc on the networks he's connected to?
>    I guess it would be nice if only users with "Network Security" or another
>    suitable profile were able to use this program.
>
>  - The FOSS document states that there are no network services provided by
>    this software and no authentication performed. The man-page however
>    mentions a daemon mode that offers a Cisco-like CLI that people can use
>    to monitor and launch attacks from. Who can start this daemon and how is
>    access to the daemon controlled?
>
> Joep
>
I'm actually of the opinion that this is not something we ought to be 
bundling with our systems.  I understand there might be some intent to 
allow administrators to do penetration testing, but I really believe we 
shouldn't be encouraging end-users to do this.  Basically, tools like 
this just facilitate life for the "script kiddies".  From an 
architectural point of view, does it make sense that we include tools 
that have the primary purpose of being used to identify and exploit 
weaknesses in the network infrastructure?  I really don't think so.

If just one corporate catastrophe is avoided by not having this kind of 
software "too readily available", then I'll be glad we haven't shipped it.

I think this case pushes the "familiarity envelope" just a bit too far.  
My fingers are hovering over the derail button...  but I'll give the 
submitter/owner a chance to help me understand the architectural vision 
here -- how does offering this in prepackaged form do more good than harm?

    - Garrett