RE: Online Security Services and Continous Risk Management (fwd)

["R. DuFresne" <dufresne () sysinfo com>]

porting of a topic from the firewalls gnac list here:

Folks,

Sorry to revive a topic that looks for the most part closed, but, I have a
question or two related to said issue:

For those currently letting others maintain various aspects of their
network, perimeter, inner-soft-chewy-center, etc;  Would you be concerned
to find the company doing the maintainance work for you mostly via open
text channels via the internet?  <open text channels meaning; regular
telnet/ftp/tftp seesion, no encryption, no direct, closed back channel
(i.e. dedicated circut)>  Have the issues of sniffers and IP spoofing
become a non-worry these days really?

How many out there are aware of other companies providing outsourced
maintainance of the networking services of others, doing so with the same
disregard for eavsdropping and potential compromise as described above?


Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards