Hosting Provided By

RE: Actual Security Cases

From: David Gillett <gillettdavid(at)fhda.edu>
Date: Fri Jan 31 2003 - 13:30:37 EST

Relatively few things are much of a risk if implemented, configured, and managed/monitored appropriately. But doing so is a lot harder for some things than for others. My own feeling is that operating banks of modems and terminal servers is best left to ISPs, and so official dial-up remote access simply rolls into remote network access.
On the other hand, users setting up their own dial-in modems at their desks is virtually impossible to "implement, configure, and manage/monitor appropriately".

> W/ regards to "no weak passwords", that's easy

The "Lioten" worm that struck in early December used a short list of trivial passwords such as "12345". .1% compromise (4 machines out of 4000) by it was enough to cripple one of our less-restricted networks for two days.

David Gillett Received on Fri Jan 31 19:04:56 2003

This message: [ Message body ]
Next message: Naman Latif: "Setting up an IDS system"
Previous message: Trevor Cushen: "RE: Remote access solution"
In reply to H C: "re: Actual Security Cases"
Reply: H C: "re: Actual Security Cases"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:40 EDT