Full Disclosure mailing list archives

(no subject)


From: "James Patterson Wicks" <pwicks () oxygen com>
Date: Fri, 13 Feb 2004 08:26:47 -0500

"The moral is obvious. You can't trust code that you did not totally
create yourself. "
This is why the enterprise chose to deprecate all of the Unix servers
except for external DNS (and Legato backup, but we cannot control that).

It's surprising how much flak my post is generating.  If you have good
change control management in place, you lessen the likelihood of some
pissed off admin planting time bombs in your system.  There is no 100%
solution to clearing off an admin from an enterprise, but having scripts
change passwords across the enterprise is a whole lot easier than
having all of the admins running around changing passwords when the CTO
calls someone in the office for "The Talk."

The networking issue is a much bigger problem which we are still trying
to tackle.  The way we handle it now is simple . . .  Pay your network
team a lot of money, leave them alone, but make sure you stay current on
the information security laws.

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of
gadgeteer () elegantinnovations org
Sent: Friday, February 13, 2004 1:45 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Re: Removing FIred admins

On Fri, Feb 13, 2004 at 12:29:25AM -0500, James Patterson Wicks
(pwicks () oxygen com) wrote:
"The Button"

Impressive.  Uppercase letters to start off each word.  Quotes to set
it apart from the rest of the sentence it appears in.


[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Cael Abal
  Imagine every sneaky thing a cracker
could do -- subvert your IDS, implement Ken Thompson-esque
login/compiler bugs, etc... And then consider that they might've
happened any time in the past few years and have by now completely
infiltrated your backup media.

Maybe it is the length of this comma separated value listing that caused
your eyes to glaze over.  Let us examine one of these items.  For the
sake of history (which so many seem to scorn), for its elegance, and
to honor the inventor of the original UNIX kernel...

http://www.acm.org/classics/sep95/

Then contemplate on the futility of effort being expended on "The
Button".
-- 
Chief Gadgeteer
Elegant Innovations

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

