Firewall Wizards mailing list archives
Extreme Hacking
From: Budke <budke () panix com>
Date: Mon, 12 Jul 1999 17:18:25 -0400
There are a couple benefits to the "ethical hacking" process.a) Because of the recent press on hacking, it is somewhat buzzword compliant, and it will get the attention of the C*Os b) it is very cost prohibitive to do security reviews on all systems in a network and in most network settings, there is a level of commonality of trust amongst the environment. If you break the weak link, the rest often fall like dominos.
For B, who's network doesn't have users that have the same password across boxes. How many people do you think install all the latest patches as soon as they are released. In many cases because of change-control procedures they can't. In most cases, no one pays attention.
To say something in a slightly different way than Marcus was saying it, the security problems are ultimately a social problem. If you fix that the majority of security problems will go away. For the people with the right funding, they will probably still be able to find a way into your systems. But the easiest way to get info out of a company still remains picking up the phone or walking in there. The need for a computer is rarely there. It is just more glamorous.
Current thread:
- RE: Extreme Hacking, (continued)
- RE: Extreme Hacking mht (Jul 12)
- Re: Extreme Hacking Matt McClung (Jul 07)
- RE: Extreme Hacking LeGrow, Matt (Jul 09)
- RE: Extreme Hacking sean . kelly (Jul 09)
- Re: Extreme Hacking Chris St.Clair (Jul 12)
- RE: Extreme Hacking sean . kelly (Jul 12)
- Re: Extreme Hacking Alan Lustiger (Jul 12)
- Re: Re: Extreme Hacking MI DC (Jul 12)
- Re: Re: Extreme Hacking MI DC (Jul 12)
- Re: Extreme Hacking Dwcpride (Jul 12)
- Extreme Hacking Budke (Jul 12)