Firewall Wizards mailing list archives

Re: The Morris worm to Nimda, how little we've learned or gained


From: "R. DuFresne" <dufresne () sysinfo com>
Date: Tue, 8 Jan 2002 16:29:36 -0500 (EST)

On Mon, 7 Jan 2002, Adam Shostack wrote:

On Mon, Jan 07, 2002 at 03:20:01PM -0500, Rich Kulawiec wrote:
| But on the upside, there are now enough tools to allow me to install
| J. Random Unix/Linux distribution and figure out what it's running,
| then start shutting down everything that I possibly can in an attempt
| to minimize the exposure.  In particular, I make a lot of use of two

| A second problem is that I'd like to avoid this entire process; but I'm
| not aware of any Unix/Linux distribution whose install procedure includes
| taking the user through a dialog that advises them what they're opening
| vs. what they're closing.

I was impressed with Mandrake 8.  It's not perfect, but their top
security level (for my latest desktop) was sufficiently tightened that
I actually moved to a more relaxed level for local file permissions.
Mandrake is Redhat and Bastille.


Yet, my major issue with the redhat/mandrake debian and suse distributions
is that they all require so much effort in patching and keeping up on
patched package releases.  Most of these distributions put their admins
in a position of doing updates on a weekly basis.  If, as we claim, our
resources in the human area are very much on the light side, what company
can really afford to let their employees spend so much time parsing
relevant lists for the information required to stay up to date, let alone
subject their systems to the more than rigorous levels of constant update
they require?


And OpenBSD has long been very, very tight on the network side of
things, but less so on the filesystem and setuid stuff.



Pointing towards the arguments about the greatest risk being from the
inside.  Which in and of itself points to our present situations in
retaining employees and thus getting much of their commitment and
dedication, something sorely lacking since at least the 70's, was that not
the time that tried and true IBM started down the lay-off path?  Now, some
might well see this as OT, yet, I think it is relevant considering that a
company's greatest threat to information theft is from the inside and
trying to get employees to be dedicated not only to the tasks they are
hired to perform, but, committed to the company's progress in a competitive
environment comes at the cost of a double-standard when the company is not
committed nor dedicated to those they are hiring, and often times those
they are hiring for sensitive positions or risk.

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  sysinfo.com
                  http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

