Security Basics mailing list archives

Re: Opinions sought...How much information is too much to "give away"?


From: ChayoteMu <chayotemu () gmail com>
Date: Wed, 29 Jun 2005 14:31:41 -0700

I would think the main risk of giving too much information would be on
how specific you are about numbers 2 and 3. If you just say something
like "We have a mix of Windows 2k, XP workstations, *ix and Win2k3
servers." then you're not giving that much information there. For
number 3 it's a bit more tricky. If you've just said "we use separate
solutions for firewall, IDP, remote access, etc. such as company X
device Y and a few others" then I don't see that as much of a problem.
I would ensure that the article gives plenty of specific info for the
software, how well it's worked and all of that, but unless it's direct
to that and necessary to make sense of how you use their package I
wouldn't give any more information. Then again I am a bit paranoid so
I'm assuming this article is going out to the wide open public.

On 6/29/05, Kevin Kasner <tkevink () gmail com> wrote:
My backup vendor recently interviewed me for an article because I'm
using their encryption package.  They have sent me the article for
review, so I still have a chance to change how much information is
disclosed...

In the course of the article, several things are revealed about my environment:
1)  My backup solution & what types of data are encrypted in my
backups (ie: customer data, AD/LDAP info, databases, server O/S's), and
that I have off site storage of tapes
2)  My OS mix (ie: Windows, ...)
3)  the fact that I have "separate solutions" for firewall, IDP,
remote access, and network monitoring
4)  Who we are and what city we are located in.

So...I'm looking for some honest opinions on whether I'm giving away
too much info.

Thanks!!



-- 
"To catch a thief, think like a thief. To catch a master thief, be a
master thief."

