re: Actual Security Cases

[H C <keydet89 () yahoo com>]

> Does anybody know a good internet source of actual
security related real life cases?

Unfortunately, some of what you're asking isn't really
the issue you may think it is...for example, "no
remote access via modem" (depending on exactly what
you mean).  Remote access isn't that much of a
security risk, as long as it's implemented,
configured, and managed/monitored appropriately.

W/ regards to "no weak passwords", that's easy
enough...MS released a security advisory in Aug, and
re-released it in Sept.  Evidently there was a rash of
systems getting infected w/ IRC bots, due to weak or
non-existant Administrator passwords.

W/ regards to forwarding corporate email to another
account...in many cases, that's simply against
policies.  I mean, if it's A Very Bad Thing(tm) if
someone hacks the remote account and gains access to
the data, it really isn't so different from writing
your SSN and CC numbers on a piece of paper, and
leaving it sitting on a park bench.



__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com