Re: Ok, so now we have a firewall, we're safe, right?

["R. DuFresne" <dufresne () sysinfo com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


        [SNIP]

> I *still* contend that removing the execute bit from attachments saved on
> MS desktops would give everyone lots more time to deal with credible and
> actual threats, rather than the noise that's become a threat simply
> because of the volume.  But I suppose if you spend years forcing your
> loader to load and execute any manner of garbage as happily as it can,
> you'd probably be resistant to that too...

The most common reason I have come across for companies not removing the 
exe bit, or even putting such attachments into some quarantine, is that 
it ends up costing at the help desk.  Goes back to user training and 
education, which as Tina mentioned in another post, is a non-win issue...

Now, Management training and education, that's the game that might help, 
though I tend to regard management as a cog in the wheels as well, from 
experience.

Thanks,

Ron Dufresne
- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCpKirst+vzJSwZikRAgBmAJ4rwRQfN0BuvQwSMMOOSx8PCJ2TmgCg3NCJ
tYLPwGwtquIKvHt2Nt9S/C4=
=Esoe
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards