RE: Computer forensics to uncover illegal internet use

["Bob Radvanovsky" <rsradvan () unixworks net>]

Here, here.  I completely and utterly agree!!!

But before we do, lemme get ONE more word in edgewise...  ;)

I just *love* watching and reading about this sort of thing, esp. when it's
discussed by idiots who think they're "technical".

I really like the one quote that I heard one time from a buddy of mine (not
my own quote, but thought it humorous and has stuck with me every since):

        "When an organization can't find usefulness for has-been or
never-been 'technicians', what do these companies do?  Make 'em auditors!!!"

NOTE: A "never-been" technician is someone who lays claim to being
"technical", but really isn't or hasn't a friggin' clue how to do (blah)
procedure, or even knows what a "B.O.B." is (yes, that IS a technical term,
and if you were a technician, you'd know what a "B.O.B." is, esp. if you've
ever worked on AT&T, NCR, or IBM equipment).  Yet, these weasels manage to
get into companies as senior or lead technicians in most companies -- there
are always 1 or 2 of these types in about every company.  They do nothing
(watch sports, surf the web, read [something other than a technical manual]
or listen to music -- some go even so much as to writing a book, working a
2nd job somewhere else during the same timeframe/shift, etc.), and push ALL
of their technical "chores" onto some unsuspecting poor slob (guys like me)
to do their dirty work.

As an observation, many corporate security officers that I have encountered
over the years have little or no security experience, but are good at
bootlicking and deferring tasks onto everyone else; in our organization, our
CSO came up the ranks of HR from her previous location (ironically, where
she was "laid off"), and has about 1.5 to 2 years of security experience.
Everything that she's doing within our organization is by... the... book --
from her PREVIOUS PLACE.  It's a "security cookbook" -- it's very good at
what it offers, but NOT for a private-sectored, privately-owned company!!!
Our company has absolutely NO INTENTIONS of implementing decent security, so
they'd have absolutely NO IDEA if any porno is flowing about or not within
or throughout our organization.  If there is a security issue, they write up
the person, their hands are slapped or they're spanked, and if they get 3
strikes, they're fired, regardless of the circumstances.  So...I'd say that
security within our company is "spin-doctored".  This is how many companies
"fix" security issues today, hoping that they simply go away, and looking
the other way.  Interestingly enough though, the BIGGEST violators of this
mindset are those listed as a "critical infrastructure" organizations:
energy, finance, healthcare, airline, etc.  They have REALLY good bastion
firewalls, and think/feel that is all that they need, but are very
vulnerable WITHIN their organization -- NO IDS, NO active sniffing, NO
"Internet Gestapo" (save for a few companies that I know of, which I won't
mention).

They do the LEAST amount of effort to fix their situations, and have (by
far) the WORST to suffer from this because they've little or nothing.
Political corporate warfare entrenchment and personnel sniping exist at a
large scale.  So...of course, they'd be concerned if someone were looking at
porno...because many of them have no means or methods of remediating the
situation, have budget-clamps preventing them from implementing anything
decent that can't be cracked or hacked around, or are so politically "status
quo" that they wouldn't know where to start!!!

The same goes for the same kind of mindset that other people might have
around here within this forum -- IF they're not trying to sell their 'wares
(as they see this forum as a perfect location to sell their products or
services): 

   "Hi, I'm <Insert Name Here>, the Chief BS Officer from XYZ Security
Specialists-R-Us Corp, Ink.  I don't know the first thing about security,
but have just about every certification under the Sun, but I wanted to
assure you that our company is TOP on the list of blah-de-blah-de-blah
security techniques that we can solve (but won't) for you.  Give me a call
offline, and we'll discuss just how much we'll financially rape your
company, but won't really solve your problem!  Call me!!!"

I find it interesting where YOU come from, "Joshua" -- an "adult content"
web site.  ;)))  (ROTFLMAO....yeah, everything has another side or twist to
it, doesn't it?)  Now, if someone were smart, they'd figure out that you
were representing yourself from the pornography business as you've signed it
with "ClubJenna, Inc." which is the "adult content" web site for Jenna
Jameson.  From your website (cjidigital.com) under 'Affiliate Programs':
"Make More Money than Ever with CJ, Inc sites; one of the most recognizable
Brand Names in Adult Entertainment!  CJ, Inc has established a successful
and profitable online presence and has put together the largest and highest
quality "Mega" Adult Sites on the Net! Please visit <xxx> for further
information".

Hmmmmmmmmmm........  This, to me, is hypocritical.  It's kind of like you
being a representative from the tobacco industry saying that smoking or
chewing tobacco is bad for you...


-r

-----Original Message-----
From: CJI Support [mailto:support () cjidigital com] 
Sent: Tuesday, August 30, 2005 11:48 AM
To: security-basics () securityfocus com
Subject: RE: Computer forensics to uncover illegal internet use

Contact http://asacp.com for further info with regards to kiddie porn.
Might I suggest we discontinue discussing this topic?  It seems as though
we've beaten this horse to a pulp.  Not to mention the simple fact that a
GOOD IT/Network admin would filter out pornographic sites at the firewall,
rather than trying to frame an employee because they've allowed the
inevitable to occur.

 joshua
        cto - clubjenna, inc.