Firewall Wizards mailing list archives

RE: concerning ~el8 / project mayhem


From: "Bill Royds" <broyds () rogers com>
Date: Sun, 18 Aug 2002 16:21:43 -0400

Anecdote.

A number of years ago I was working in support for an agricultural research facility.
We often got requests for "please create a file with all crop yield data from Manitoba for 1964-1974 for fields that 
used ...", standard database retrieval stuff, but the data set, being huge, was on magnetic tapes on an IBM mainframe, 
not in a database. Standard procedure for the support staff was to write a Fortran program to run on the mainframe with 
hardcoded field values to extract the data into a file.
  Being new and figuring that this was silly, I wrote a script that prompted the user for which years, conditions etc. 
needed to be extracted, created the JCL for a standard MVS utility to extract the file and gave the script to the users 
who requested the data. 
   My boss, who had been padding his tasks accomplished report for years with these extracts, was furious. I had just 
cut his "productivity" by 2/3 and he was very upset.

  I see the same attitude among a lot of management. Their view of activity is getting brownie points, not actually 
achieving results. That is why they like IDS on the Internet side of a firewall. More noise pads "attacks stopped" 
reports.

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Paul D.
Robertson
Sent: Sun August 18 2002 03:13
To: Marcus J. Ranum
Cc: R. DuFresne; firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] concerning ~el8 / project mayhem


<snip>

Well, it's not just the pseudo-security folks who have given us this 
problem- a lot of blame rides on the shoulders of the old-school 
consultant/accountant brigade[1]-

It's a heck of a lot more profitable to add 30 patches than it is to 
upgrade, block or remove one service.  Vulnerabilities equal billable 
hours, and (more importantly) thicker reports.  

Task-directed stuff "upgrade that ancient server" isn't as palatable, or as 
obviously continued business generating as reporting 72 different 
vulnerabilities and attributing 6 of them to your own employees who are "saving 
the world" by generating and distributing sample exploits to the bad guys.

I *know* I should upgrade my 8 year old Web server, I didn't know that 
something called candlefritz would cause it to spill out credit card 
data on a multicast network.  Besides which, upgrading that would break my 
phf script!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards