Re: Just a thought (from an autoreply to another thread)

["Byron L. Sonne" <blsonne () rogers com>]

Damn... you thought of a couple things that never even crossed my mind. 
Nicely done, I like your style :)

Regards,
Byron

Valdis.Kletnieks () vt edu wrote:
> I'm not sure which is worse, the fact that we all now know that his system
> is probably fair game for attack for another week, or that we now know that
> on Jan 9th, he's probably going to be piled under mail and not being quite
> as careful on what he opens.  And I'd be amazed if the X-Mailer: header on
> his mail didn't list out what vulnerabilities it had (correlate build level
> to avisories.. ;)
>
> Hmm.. if he's usually the firewall issue person, it's likely that whoever is
> reading security-support's mail is *less* experienced.
>
> Hint: if the site *has* a security-support address, firewall issues
> should *always* be going there rather than to a specific user, for
> multiple reasons:
>
> 1) that way you know *somebody* will see it even if he's away from the office
> and not reading the mail
>
> 2) Checks and balances - it keeps him honest because if somebody notices a firewall
> issue that he created, he can't just hit delete and get away with it...

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html