topic Re: Script from unknown users - security risk? in General Topics

Script from unknown users - security risk?

HeikoAnkenbrand — Wed, 22 Mar 2023 07:02:26 GMT

Many interesting scripts and SmartConsole extensions can be found in the CheckMatesToolbox.

In the last few weeks I have been reading the comments of users again and again, should you execute scripts from unknown users on a firewall. This has been a fundamental question for me for years.

From my point of view, this should not be done, as there is a considerable risk on a productive firewall.

But I personally write my scripts in such a way that everyone can read the source code cleanly.
This gives everyone the chance to analyse the script code.

Checkmates, what do you think about this topic?

Re: Script from unknown users - security risk?

SATO_SOG — Wed, 22 Mar 2023 07:09:15 GMT

I agree with you.

Here we should think about the following:
Are millions of lines of Linux code not also a security risk?

Re: Script from unknown users - security risk?

G_W_Albrecht — Wed, 22 Mar 2023 08:19:26 GMT

Here we should think about the following: Are humans basically a security risk?

Re: Script from unknown users - security risk?

Bärbel — Wed, 22 Mar 2023 14:58:39 GMT

Thats called whataboutism.

Re: Script from unknown users - security risk?

_Val_ — Wed, 22 Mar 2023 15:17:30 GMT

Actually, @G_W_Albrecht has a point 🙂 Humans are the main reason cyber security has so many threats 🙂

Re: Script from unknown users - security risk?

MAlter — Wed, 22 Mar 2023 20:54:48 GMT

I agree with @G_W_Albrecht.
Software is only so secure as the human mind behind it.

Re: Script from unknown users - security risk?

JozkoMrkvicka — Wed, 22 Mar 2023 21:38:37 GMT

If some admin would like to have extension installed on the management, the extension should be first checked by experienced colleague who will give a green light if such a features are safe to be deployed. Tested in lab, of course.

Each and every extension should be available offline (locally present on management by selecting the json file), not downloaded from public internet.

Re: Script from unknown users - security risk?

PhoneBoy — Wed, 22 Mar 2023 21:59:47 GMT

You’ve heard of Linux, right?
It ultimately came from a bunch of random people on the Internet.
Yet, so much of our modern technology landscape is possible because of Linux.

One of the ways trust is built is by publishing source code.
That along with the licensing allowed for wide adoption, reuse, and…trust.

One of the requirements for inclusion in Toolbox is publishing of source code.
This gives you the confidence to see for yourself what’s being done before you decide to use it.

For scripts and the like, you can see what’s being done for yourself easily enough.
The SmartConsole Extensions are a little trickier because of how they are implemented (require a web server stood up).

Re: Script from unknown users - security risk?

the_rock — Wed, 22 Mar 2023 22:43:45 GMT

Well, thats true, but considering AI is taking over the world, humans wont even be needed to do much work soon lol

Re: Script from unknown users - security risk?

the_rock — Wed, 22 Mar 2023 22:46:15 GMT

To me, personally, like everything in life, it all comes down to really one single word...TRUST. As my late grandfather always used to say "If you trust someone only 99%, thats not good enough". I think thats a very good point.

Just my take on it.

Re: Script from unknown users - security risk?

G_W_Albrecht — Thu, 23 Mar 2023 08:45:58 GMT

No, this is not an argument - it was only meant as a parody of SATO_SOGs nonsense 8)