Date: Wed, 22 Jul 1998 13:17:08 -0400 (EDT)
From: "Matthew N. Dodd"
To: Brett Glass
cc: Pat Lynch, security@FreeBSD.ORG
Subject: Re: Why is there no info on the QPOPPER hack?
In-Reply-To: <199807221640.KAA06112@lariat.lariat.org>

On Wed, 22 Jul 1998, Brett Glass wrote:

> This is Laramie, Wyoming! The person watching the system was an NT
> expert, and Heaven knows they have to know about security. But this
> happened so fast after first postings of exploits that there was no
> time. And there was no CERT advisory.

This is clearly the cause of your problem. Your attempts to solve your administrative problem with a technical solution will only give you a false sense of security.

Most people don't let the village idiot watch their horse for them.

Were I your superior, I would hold you directly responsible for the break in; it's as simple as that. Leaving a customer-impacting system in the hands of unqualified and improperly trained staff without proper instructions is negligent.

If your 'shop' is a mom and pop operation and doesn't have funding for proper staffing then that's where you're at and you'll have to live with the consequences.

When I worked at an ISP startup I lived at the office for the first six months (I'm not kidding), and didn't do anything else outside of eat, sleep, drive to/from work and put in 18 to 20 hour days for the period after that. As you have discovered, that sort of work environment is mutually exclusive from having a life.

Attempting to give yourself a false sense of security by inventing solutions that address the symptoms and not the root of your problem is only setting yourself up for further security problems.

I wish you'd stop trying to convince yourself that some miracle of modern technology would have saved you from your break-in and admit that security is in your own hands.

It is highly altruistic of you to desire a solution that prevents the same thing from happening to others but I think you are overly simplifying the issues involved in taking your idea from a pipe dream to reality.

Congrats on getting married; your life (which you will be required to have now) will never be the same and your work habits will most definitely change. :)

/*
   Matthew N. Dodd              | A memory retaining a love you had for life
   winter@jurai.net             | As cruel as it seems nothing ever seems to
   http://www.jurai.net/~winter | go right - FLA M 3.1:53
*/