Security Basics mailing list archives
Re: Hashing passwords
From: Alexander Klimov <alserkli () inbox ru>
Date: Wed, 13 Jun 2012 17:44:17 +0300
On Tue, 12 Jun 2012, Kurt Buff wrote:
If more staff were fired or otherwise disciplined after it was proved that they had gotten their company PC infected by navigating to non-work-related web sites (or performing their work in an unsafe manner against advice), we'd have a much better security environment - and the discipline must also apply to C-level execs, as the data they handle are even more precious than some staffer in shipping. I've personally cleaned up malware from the CxO's machines at $WORK, multiple times, because they a) won't pay attention to my recommendations for handling web sites and email and b) won't let me block or quarantine executables and suspect documents at the gateways that are designed to handle them.
Looks like one uses crutches for so long that he forgets how to walk normally. The fact that your computer can be compromised by viewing a web-site or reading email means that something it terribly wrong with your computer. It is sane to fix bugs in the browser and MUA, to use a better SELinux policy to constrain the applications, or to run them inside a virtual machine. On the other hand, to blame the user for reading mail or browsing Internet is at most an exercise in futility. -- Regards, ASK ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Hashing passwords haZard0us (Jun 11)
- Re: Hashing passwords Ansgar Wiechers (Jun 11)
- Re: Hashing passwords Rory Browne (Jun 11)
- RE: Hashing passwords Liam Randall (Jun 12)
- Re: Hashing passwords martin . mngoma (Jun 12)
- Re: Hashing passwords Kai Wirt (Jun 12)
- Re: Hashing passwords Kurt Buff (Jun 12)
- Re: Hashing passwords Ansgar Wiechers (Jun 13)
- Re: Hashing passwords Kurt Buff (Jun 13)
- Re: Hashing passwords Alexander Klimov (Jun 13)
- Re: Hashing passwords Rory Browne (Jun 11)
- RE: Hashing passwords Mikhail A. Utin (Jun 13)
- Re: Hashing passwords Kai Wirt (Jun 13)
- Re: Hashing passwords Ansgar Wiechers (Jun 11)
- Re: Hashing passwords gold flake (Jun 12)
- Re: Hashing passwords Kai Wirt (Jun 12)
- Message not available
- Re: Hashing passwords Jennifer Wachter (Jun 12)
- RE: Hashing passwords Dave Kleiman (Jun 12)