Firewall Wizards mailing list archives

Re: RE: In defense of non standard ports


From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 27 Jan 2006 17:06:35 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 24 Jan 2006, Paul D. Robertson wrote:

On Tue, 24 Jan 2006, Tim Shea wrote:

I've been monitoring this discussion and I have issues with two
assumptions being made.  The first is that all organizations have security
professionals with some pull with management.  Politics plays a big part

Trust me, if your organization has security professionals, then they have
pull with management.



I had to stop here, for the term "security professionals" is a hard one to define; does this imply certified persons? Also, working for a state gov, I can state plainly, security professionals/certified persons means little where I earn a paycheck, as they tend to have certs indeed, and yet lack a skill tween the whole group of 10 or so, in fact we could hire monkeys to accomplish the same "scan reports" that are the height of their abilities.

Now to the end of the statement, do they have pull with mgt? Well, they are pulling in a far different direction the more they tend to ruffle whole departments by crying wolf <sorry, no that trojan port your nessus scan spotted means less this month than it did last month you spewed it up the mgt hill on our RACF mainframe, or sorry no your nessus skills are not truly honed if you think pcanywhere is running on that solaris box>.

We have more personnel that do not work with ISO with a clue towards security in their prospective realm/OS/platform or on a whole than any of the certified monkeys that ISO has hired to "secure" this state, and the more pull with mgt they have means the worse things get with each new project rolled out...


Thanks,

Ron DuFresne
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFD2pltst+vzJSwZikRAvDnAJ9u9wdqBD/ZCEOUJOnu2wh857TJUQCfdwGn
3Mz2Vglj3sYkq16kW6Pzz4E=
=nyeE
-----END PGP SIGNATURE-----