My life sucks - was Re: Authorities eye MSBlaster suspect

["security () brvenik com" <security () brvenik com>]

I must say, you folk are over worked and I think that you harbor a 
slight grudge because of it.

> In case anybody thinks that XX is somehow bragging, forget it.  The 
> many roles he is expected to fulfill are typical in a university 
> environment.  There *is* no such thing as "an intrusion detection 
> specialist".  Everyone in edu wears many hats - most of which are 
> fulltime jobs in their own right.


An example was given where projects were on hold for whatever reason. I 
believe those projects were impacted severely by a lack of productivity 
while the network was down too. To take it a little bit further, a lot 
of other projects that generate the revenue that contribute to the 
grants that fund the projects were impacted because of the insecurity of 
systems as a whole. I think we can all agree that the EDU is as damaging 
as the high speed home user in this respect. The issue I take is that 
the EDU has an opportunity to mitigate these issues in part through 
policy and education. The home user is a much more difficult challenge.

> > And you can't weasel out by saying "Hire somebody else to do that other
> > stuff"  or "hire somebody else to do security" - the point is that if we
> > did hire somebody else, then we'd only have 1 person of the 2 available
> > for productive work.  If we didn't have to keep spending resources on
> > security, BOTH people would be available then. 

Kudos to all  administrators for taking on the task of managing and 
running a challenging environment. I fear that the probems you face are 
not easily resolved at your level and that there is a lot more work to 
be done to raise the awareness at all levels. You have chosen to take on 
this challenge by your decision to continue to work there, please quit 
telling us how difficult it is and why you cannot do it and spend that 
time doing it and explaining how you did it. I understand that it will 
take longer and I understand that it is frustrating and I understand 
that it is... Truth is you choose to continue to work there and be 
security aware so please contribute to the solution and not defend your 
problems.

> That's won't stop anyone from trying though.  They actually think 
> "security" is the stuff you *should* be doing, not helping your users 
> be more productive.


Like it or not security is a part of the job and failure to execute is 
not just your problem, we all feel the impact. Don't like the work, 
change your life, go sell something at your local retail store and have 
fun every day when you are off instead of should be off.

I believe that _proper_ security will help your users be more 
productive, not just the act of patching and patching but employing the 
methodologies behind proper security. What would have been the impact to 
productivity had this worn of the day deleted all .doc files and then 
filled the ramaining disk with random chars?

People sit here on this list defending the problems and issues they face 
giving those that might be facing similar problems a reason to ignore it 
because XYZ is not solving it either. The reaity is that you can be by 
presenting how you solved problems given the limited budget and 
resources available and help those facing similar challenges instead of 
giving them reasons to ignore them and complaining all the time.

Tis all I am going to sat about that.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html