Firewall Wizards mailing list archives
RE: concerning ~el8 / project mayhem
From: "Bill Royds" <broyds () rogers com>
Date: Sun, 18 Aug 2002 16:21:43 -0400
Anecdote. A number of years ago I was working in support for an agricultural research facility. We often got requests for "please create a file with all crop yield data from Manitoba for 1964-1974 for fields that used ...", standard database retrieval stuff, but the data set, being huge, was on magnetic tapes on an IBM mainframe, not in a database. Standard procedure for the support staff was to write a Fortran program to run on the mainframe with hardcoded field values to extract the data into a file. Being new and figuring that this was silly, I wrote a script that prompted the user for which years, conditions etc. needed to be extracted, created the JCL for a standard MVS utility to extract the file, and gave the script to the users who requested the data. My boss, who had been padding his tasks-accomplished report for years with these extracts, was furious. I had just cut his "productivity" by 2/3 and he was very upset.

I see the same attitude among a lot of management. Their view of activity is getting brownie points, not actually achieving results. That is why they like IDS on the Internet side of a firewall. More noise pads "attacks stopped" reports.

-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Paul D. Robertson
Sent: Sun August 18 2002 03:13
To: Marcus J. Ranum
Cc: R. DuFresne; firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] concerning ~el8 / project mayhem

<snip>

Well, it's not just the pseudo-security folks who have given us this problem- a lot of blame rides on the shoulders of the old-school consultant/accountant brigade[1]- It's a heck of a lot more profitable to add 30 patches than it is to upgrade, block or remove one service. Vulnerabilities equal billable hours, and (more importantly) thicker reports.
Task-directed stuff "upgrade that ancient server" isn't as palatable, or as obviously continued business generating as reporting 72 different vulnerabilities and attributing 6 of them to your own employees who are "saving the world" by generating and distributing sample exploits to the bad guys.

I *know* I should upgrade my 8 year old Web server, I didn't know that something called candlefritz would cause it to spill out credit card data on a multicast network. Besides which, upgrading that would break my phf script!