lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu May 25 18:30:28 2006
From: gboyce at badbelly.com (gboyce)
Subject: Responsibility

On Thu, 25 May 2006, Valdis.Kletnieks@...edu wrote:

> On Thu, 25 May 2006 12:27:07 EDT, Scott Forrest said:
>
>> I would think it would be a matter of negligence if the previous IT
>> Consultant setup wireless access for Hotel Customers to use that also
>> had direct access to the Hotel's network in some way that a virus could
>> jump to their business servers. That just doesn't sound like "sound" or
>> "secure" planning.
>
> All too many networks are set up by a McSE (You want fries with that?) who
> wouldn't know a secure network if it bit them on the ass.  And having been
> bitten, they'd remove all the secure network's teeth to prevent further bites.

Ahh yes.  I've known too many MCSEs who seem to be under the impression 
that if you can't authenticate to the domain, you're not "on the network", 
and you're not able to do any damage.

--
Greg

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ