Firewall Wizards mailing list archives
Re: The Morris worm to Nimda, how little we've learned or gained
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 8 Jan 2002 16:29:36 -0500 (EST)
On Mon, 7 Jan 2002, Adam Shostack wrote:
On Mon, Jan 07, 2002 at 03:20:01PM -0500, Rich Kulawiec wrote: | But on the upside, there are now enough tools to allow me to install | J. Random Unix/Linux distribution and figure out what it's running, | then start shutting down everything that I possibly can in an attempt | to minimize the exposure. In particular, I make a lot of use of two | A second problem is that I'd like to avoid this entire process; but I'm | not aware of any Unix/Linux distribution whose install procedure includes | taking the user through a dialog that advises them what they're opening | vs. what they're closing. I was impressed with Mandrake 8. Its not perfect, but their top security level (for my latest desktop) was sufficiently tightened that I actually moved to a more relaxed level for local file permissions. Mandrake is Redhat and Bastille.
Yet, my major issue with the redhat/mandrake debian and suse distributions is that they all require so much effort in pachting and keeping up on patched package releases. Most of these disctributions put their admins in a position of doing updates on a weekly basis. If as we claim, out resources in the human area are very much on the light side, what company can really afford to let their employees spend so much time parsing relevant lists for the information required to stay up to date, let alone subject their systems to the more then rigourous levels of constant update they require?
And OpenBSD has long been very, very tight on the network side of things, but less so on the filesystem and setuid stuff.
Pointing towards the arguements about the greatest risk being from the inside. Which in and of itself points to our present situations in retaining employees and thus getting much of their comitment and dedication, something sorely lacking since at least the 70's, was that not the time that tried and true IBM started down the lay-off path? Now, some might well see this as OT, yet, I think it is relevant considering that a companies greatest threat to information theft is from the inside and trying to get employees to be dedicated not only to the tasks they are hired to preform, but, commited to the companies progress in a competative environment comes at the cost of a double-standard when the company is not commited nor dedicated to those they are hiring, and often times those they are hiring for sensitive positions or risk. Thanks, Ron DuFresne -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: The Morris worm to Nimda, how little we've learned or gained Bill_Royds (Jan 06)
- RE: The Morris worm to Nimda, how little we've learned or gained R. DuFresne (Jan 06)
- RE: The Morris worm to Nimda, how little we've learned or gained Paul D. Robertson (Jan 07)
- Re: The Morris worm to Nimda, how little we've learned or gained Rich Kulawiec (Jan 07)
- Re: The Morris worm to Nimda, how little we've learned or gained Paul D. Robertson (Jan 08)
- Re: The Morris worm to Nimda, how little we've learned or gained Adam Shostack (Jan 08)
- Re: The Morris worm to Nimda, how little we've learned or gained R. DuFresne (Jan 09)
- Re: The Morris worm to Nimda, how little we've learned or gained Joseph S D Yao (Jan 09)
- RE: The Morris worm to Nimda, how little we've learned or gained Paul D. Robertson (Jan 07)
- RE: The Morris worm to Nimda, how little we've learned or gained R. DuFresne (Jan 06)