Full Disclosure mailing list archives

Re: Responsibility

From: gboyce <gboyce () badbelly com>
Date: Thu, 25 May 2006 13:30:16 -0400 (EDT)

On Thu, 25 May 2006, Valdis.Kletnieks () vt edu wrote:

On Thu, 25 May 2006 12:27:07 EDT, Scott Forrest said:

I would think it would be a matter of negligence if the previous IT
Consultant setup wireless access for Hotel Customers to use that also
had direct access to the Hotel's network in some way that a virus could
jump to their business servers. That just doesn't sound like "sound" or
"secure" planning.


All too many networks are set up by a McSE (You want fries with that?) who
wouldn't know a secure network if it bit them on the ass.  And having been
bitten, they'd remove all the secure network's teeth to prevent further bites.

Ahh yes. I've known too many MCSEs who seem to be under the impressionthat if you can't authenticate to the domain, you're not "on the network",and you're not able to do any damage.


--
Greg

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Responsibility Greg (May 21)
- Re: Responsibility Line Noise (May 21)
- Re: Responsibility Paul Schmehl (May 21)
  - Re: Responsibility Sol Invictus (May 22)
- Re: Responsibility <...> (May 23)
- Re: Responsibility Sean Comeau (May 23)
- <Possible follow-ups>
- RE: Responsibility Scott Forrest (May 25)
  - Re: Responsibility Michael Holstein (May 25)
- RE: Responsibility Scott Forrest (May 25)
  - Re: Responsibility Valdis . Kletnieks (May 25)
    - Re: Responsibility gboyce (May 25)