Date: Wed, 22 Jul 1998 13:17:08 -0400 (EDT) From: "Matthew N. Dodd" <winter@jurai.net> To: Brett Glass <brett@lariat.org> Cc: Pat Lynch <lynch@rush.net>, security@FreeBSD.ORG Subject: Re: Why is there no info on the QPOPPER hack? Message-ID: <Pine.BSF.3.96.980722130309.9891C-100000@sasami.jurai.net> In-Reply-To: <199807221640.KAA06112@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Jul 1998, Brett Glass wrote: > This is Laramie, Wyoming! The person watching the system was an NT > expert, and Heaven knows they have to know about security. But this > happened so fast after first postings of exploits that there was no > time. And there was no CERT advisory. This is clearly the cause of your problem. Your attempts to solve your administrative problem with a technical solution will only give you a false sense of security. Most people don't let the village idiot watch their horse for them. Were I your superior, I would hold you directly responsible for the break in; its a simple as that. Leaving a customer impacting system in the hands of unqualified and improperly trained staff without proper instructions is negligent. If your 'shop' is a mom and pop operation and doesn't have funding for proper staffing then thats where you're at and you'll have to live with the consequences. When I worked at an ISP startup I lived at the office for the first six months (I'm not kidding), and didn't do anything else outside of eat, sleep, drive to/from work and put in 18 to 20 hour days for the period after that. As you have discovered, that sort of work environment is mutually exclusive from having a life. Attempting to give yourself a false sense of security by inventing solutions that address the symptoms and not the root of your problem is only setting yourself up for further security problems. I wish you'd stop trying to convince yourself that some miracle of modern technology would have saved you from your break-in and admit that security is in your own hands. It is highly altruistic of you to desire a solution that prevents the same thing from happening to others but I think you are overly simplifying the issues involved in taking your idea from a pipe dream to reality. Congrats on getting married; your life (which you will be required to have now) will never be the same and your work habits will most definately change. :) /* Matthew N. Dodd | A memory retaining a love you had for life winter@jurai.net | As cruel as it seems nothing ever seems to http://www.jurai.net/~winter | go right - FLA M 3.1:53 */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980722130309.9891C-100000>