[Discussion] Features - egress

• Previous message (by thread): [Discussion] Features
• Next message (by thread): [Discussion] Features - egress
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date sent:      	Thu, 16 Oct 2008 21:00:32 -0400
From:           	Matt Jonkman <jonkman at jonkmans.com>

> Here's the big thread. And don't be afraid to start sub-threads for
> specifics here.

OK  :-)

> OK, those are my initial wish list items. Who has more? What else should
> we do? 

Allow me to throw in a strong push for including egress scanning and analysis.  We 
tend to get fixated on the traditional bastion position, with the bad guys all on the 
outside and everything inside is pure.  In the current malware-rich environment 
that is untenable.  We also can gain a lot more granular information (in addition 
to the defence-in-depth backstop) from egress scanning, since we have a much 
batter idea of what *should* be leaving our nets.

======================  (quote inserted randomly by Pegasus Mailer)
rslade at vcn.bc.ca     slade at victoria.tc.ca     rslade at computercrime.org
I appreciate the fact that this draft was done in haste, but
some of the sentences that you are sending out in the world to
do your work for you are loitering in taverns or asleep beside
the highway.
           -- Dr. Dwight Van de Vate, Professor of Philosophy,
                   University of Tennessee at Knoxville
victoria.tc.ca/techrev/rms.htm blogs.securiteam.com/index.php/archives/author/p1/

• Previous message (by thread): [Discussion] Features
• Next message (by thread): [Discussion] Features - egress
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]