Firewall Wizards mailing list archives
Re: concerning ~el8 / project mayhem
From: Dave Piscitello <dave () corecom com>
Date: Thu, 22 Aug 2002 10:48:43 -0400
Certainly.I've helped a handful of very small businesses run by friends and church associates. (Help is distinguished from consulting by the fee charged, e.g., beer vs. money)
These are mostly Microsoft Windows shops. They are business people who have DSL/EtherLoop access and I've installed SOHO firewalls for them.
Common properties:- A/V is not on all computers, and virus definitions aren't up to date on those that have A/V
- every WinOS setting is set at defaults - no system is passworded- no one has any idea whatsoever what a security/hot fix is, or why they'd install a service pack
IMO this is not a good computing environment, and I encourage them to run Microsoft's Baseline Security Analyzer and several simple and free vulnerability assessment tools on their computers. Small business IT's like training children to have good hygene early.
What's much more worrisome to me for such businesses is that they often purchase some vertical application software (real estate, credit card database, mortgage processing, medical) that runs on Linux, BSD, or SCO.
What's common on these machines: - default *NIX configuration, dozens of services running, guest accounts, etc.- the vendor insists that services like telnet/rcp, etc. be accessible through the firewall so that they can service the machine. In some instances, the application refers out to other servers.
- no one in the company can distinguish SCO from a scone...Here's where I'd love to have Paul's "harden the server in 2 minutes" vulnerability assessment and mediation skills.
Confession. I would not classify myself as an outstanding *NIX admin. I make use of assessment tools on these and "sandbox" machines in my office to hopefully raise my competency to a level that is at least the value of a beer to my friends. Fortunately, I am often able to browbeat vendors into using SSH over telnet, and I implement as stringent a firewall policy as possible. So far, everyone's been able to stay off the radar.
We too often think of competency in terms of our own skill sets, enterprise budgets (lame though they may be, they are worlds better than what companies with annual earnings of six figures can afford), and (praise the vendor) evaluation equipment.
At 10:09 PM 8/21/2002 -0400, Anton J Aylward CISSP wrote:
On Wed, 2002-08-21 at 17:57, Dave Piscitello wrote: > Scanners raise the competency levels of individuals who aren't quite as > capable as Paul and others he and we might all identify as his equals. Interesting assertion. Could you explain it please. /anton
David M. Piscitello Core Competence, Inc. & 3 Myrtle Bank Lane Hilton Head, SC 29926 dave () corecom com 843.689.5595 www.corecom.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: concerning ~el8 / project mayhem, (continued)
- Re: concerning ~el8 / project mayhem Marcus J. Ranum (Aug 17)
- Re: concerning ~el8 / project mayhem Paul D. Robertson (Aug 17)
- Re: concerning ~el8 / project mayhem Anton A. Chuvakin (Aug 21)
- Re: concerning ~el8 / project mayhem Paul Robertson (Aug 21)
- Re: concerning ~el8 / project mayhem Barney Wolff (Aug 21)
- Re: concerning ~el8 / project mayhem Anton J Aylward, CISSP (Aug 21)
- Re: concerning ~el8 / project mayhem Anton Chuvakin (Aug 21)
- RE:Vulnerability Scanners ( was: concerning ~el8 / project mayhem ) Josh Welch (Aug 21)
- Re: concerning ~el8 / project mayhem Dave Piscitello (Aug 21)
- Re: concerning ~el8 / project mayhem Anton J Aylward, CISSP (Aug 21)
- Re: concerning ~el8 / project mayhem Paul D. Robertson (Aug 17)
- Re: concerning ~el8 / project mayhem Marcus J. Ranum (Aug 17)
- Message not available
- Re: concerning ~el8 / project mayhem Dave Piscitello (Aug 22)
- Message not available
- Re: concerning ~el8 / project mayhem Dave Piscitello (Aug 22)
- Re: concerning ~el8 / project mayhem Adam Shostack (Aug 23)
- Re: concerning ~el8 / project mayhem Marcus J. Ranum (Aug 17)
- Re: concerning ~el8 / project mayhem Paul D. Robertson (Aug 18)
- RE: concerning ~el8 / project mayhem Bill Royds (Aug 18)
- Re: concerning ~el8 / project mayhem Barney Wolff (Aug 18)
- Re: concerning ~el8 / project mayhem Paul D. Robertson (Aug 19)
- Re: concerning ~el8 / project mayhem Barney Wolff (Aug 19)