Full Disclosure mailing list archives
RE: "MS Blast" Win2000 Patch Download
From: Paul Schmehl <pauls () utdallas edu>
Date: Fri, 15 Aug 2003 09:21:38 -0500
--On Friday, August 15, 2003 08:35:30 AM -0400 James Patterson Wicks <pwicks () oxygen com> wrote:
I guess we just have a diferent approach to laptops and the corporate environment than others. The only way a laptop can be plugged into our network is if it has been cleard by the IS department.
No, he doesn't have a different approach. He has a different set of problems than you do.
Try solving this puzzle. You have 50,000 students living in dormitories, each with a 100MB connection to the Internet. Their computers belong to them and the state will not allow you to do any work on them. In addition, for liability reasons, you cannot work on their computers.
Now solve the problem of them constantly getting hacked and infected, without being able to force software on their computers, without being able to patch them, without being able to demand that they use a firewall. (You can send them all the warning messages you want. Good luck on having them actually *read* them, much less follow the advice.)
Sure, you can firewall off the dorms from your network, but that doesn't solve the problem of the 50,000 student infecting each other and then calling your support people crying for help. And it doesn't solve the problem of those same students bringing their infected laptops *on* your network when they walk up from the dorms.
You see, you have a myopic view (as do a *lot* of people) of what the real world is like. You think because you live in your nice little insulated world where everything is under control (you hope), that everyone else ought to be able to do the same thing and if they don't, they're just lazy or incompetent. Others have to deal with *much* greater problems than yours. I'd *love* to be in your situation. I could sit on my ass in my office enjoying life, smug in the knowledge that no one could violate my policies without serious repercussions. (Actually, that's not true. I love what I do now, and I'd much rather deal with the challenges that I face than be the BOFH in your situation.)
I often wonder, when reading these types of posts, if the people that write them could even survive in a tough, real-world environment trying to "do security". I suspect not.
Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: "MS Blast" Win2000 Patch Download, (continued)
- RE: "MS Blast" Win2000 Patch Download James Patterson Wicks (Aug 14)
- RE: "MS Blast" Win2000 Patch Download Darren Bennett (Aug 14)
- Re: "MS Blast" Win2000 Patch Download Jeffrey A.K. Dick (Aug 14)
- Re: "MS Blast" Win2000 Patch Download Valdis . Kletnieks (Aug 14)
- RE: "MS Blast" Win2000 Patch Download James Patterson Wicks (Aug 14)
- RE: "MS Blast" Win2000 Patch Download Brad Bemis (Aug 14)
- RE: "MS Blast" Win2000 Patch Download Bassett, Mark (Aug 14)
- RE: "MS Blast" Win2000 Patch Download Schmehl, Paul L (Aug 15)
- Re: "MS Blast" Win2000 Patch Download Jeremiah Cornelius (Aug 15)
- RE: "MS Blast" Win2000 Patch Download James Patterson Wicks (Aug 15)
- RE: "MS Blast" Win2000 Patch Download Paul Schmehl (Aug 15)
- RE: "MS Blast" Win2000 Patch Download Ron DuFresne (Aug 15)
- RE: "MS Blast" Win2000 Patch Download Paul Schmehl (Aug 15)
- RE: "MS Blast" Win2000 Patch Download Paul Schmehl (Aug 15)
- Re: "MS Blast" Win2000 Patch Download Valdis . Kletnieks (Aug 15)
- RE: "MS Blast" Win2000 Patch Download James Patterson Wicks (Aug 14)