Security Basics mailing list archives
RE: Law office recommendations?
From: "Ken Kousky" <kkousky () ip3inc com>
Date: Tue, 18 Feb 2003 09:49:29 -0500
One of their biggest exposures is their open conference rooms that allow guests to sniff across the segment. I tell the story of being in a fancy law office with powerful litigators and investment bankers all cranking away on their portables as they stare each other down across the table - a little dsniff or ethereal allows the opposition to trap the clear text traffic their emailing back to hq. We teach everyone to pen test from inside out, not just outside in. Social engineering is a far greater concern I think - that and strong password vulnerabilities. KWK IP3 -----Original Message----- From: Tim Heagarty [mailto:tim () heagarty com] Sent: Monday, February 17, 2003 12:36 PM To: security-basics () securityfocus com Subject: Law office recommendations? Hello, I wish to pick the collective brain for a moment if I may. I am working up an initial service quote for a law office of 100+ associates and 45+ attorneys. Do you have any recommendations of areas to be sure to get into the Risk Analysis? They've already been hit by Slammer and a script kiddie "pubber". I just want to be on my toes as I have not worked for attorneys before and all those sharks in the water makes me want to do this one really well. Also, if there's a more appropriate list for this I'd be glad to move this discussion to it. Thanks everyone, Tim Heagarty MCSE, MCP+I "There are only 10 kinds of people in the world, those that understand binary, and those that don't." Work: (928) 636-0489 Cell: (928) 533-9690
Current thread:
- Law office recommendations? Tim Heagarty (Feb 17)
- RE: Law office recommendations? Ken Kousky (Feb 18)
- <Possible follow-ups>
- RE: Law office recommendations? Vince Dang (Feb 18)
- RE: Law office recommendations? Trevor Cushen (Feb 18)
- RE: Law office recommendations? Mike Carney (Feb 19)
- Re: Law office recommendations? JohnNicholson (Feb 20)