lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <002601c357a9$5ac02fe0$8f04d882@bzdrnja> From: Bojan.Zdrnja at LSS.hr (Bojan Zdrnja) Subject: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) > -----Original Message----- > From: Ron DuFresne [mailto:dufresne@...ternet.com] > Sent: Thursday, 31 July 2003 10:20 a.m. > To: Bojan Zdrnja > Cc: full-disclosure@...ts.netsys.com > Subject: RE: [Full-Disclosure] Avoiding being a good admin - > was DCOM RPC exploit (dcom.c) > > Cool, perimiter security and forcing users to text only based e-mail > clients liek e-mail was intended <grin>. See Paul's post about recommending that to a dean, VP or whatever else. > Eucation works poorly. Educate you users and then 30 minutes later some > of thm will go to their everything-AND-the-kitchen-sink desktop OS, click > on that same mass mailed exe you just told them not to click on, and > reopen the need to once again re-educte your userbase cycle. Of course 9 Then you are a bad teacher. A good teacher will deliver that knowledge to his students in a way that will let it stay in their minds. > out of 10 times it;s going to be one of the upper mgt folks that pushed > for the employee education project that does the uncondoned clicking of > that exe... We can fight against that with other layers of security. However, only education will raise security awareness. Regards, Bojan Zdrnja
Powered by blists - more mailing lists