Re: [fw-wiz] Highlighting Security Issues
From: Victor Williams (vbwilliams_at_neb.rr.com)
Date: Sun, 01 Aug 2004 16:20:40 -0500
As an addendum to my emotional response to this guy's claim he did
This is typical gov't know-nothing behavior. If we don't know what it
is, it must be bad, and we must have been hacked.
I met the chief security officer for the US Dept of Agriculture back in
2000 (don't know if it's still the same guy), and during discussions
with him, he was just convinced that dual-homed machines of any sort
were more able to get hacked than single-homed. After questioning him
repeatedly on it, I finally asked the question "Aren't most firewalls
'dual-homed' machines? Most all of them have at least 2 NICS--it's a
requirement..right? And if so, doesn't the work of the administrator of
the dual-homed machine ultimately determine it's hackability?" No
answer. He ignored me from that point forward.
It is never assumed that the lower ranks might know what they're doing.
It's just assumed that because they get paid less, they don't know
anything. In my experience, that's not always the case...but usually.
I don't doubt that the person here probably knew more technically enough
to not compromise any machines for *hackers*...whatever that means. I
question his motives for doing so...and in questioning those motives, I
guess I don't see his documenting having any technically sound
proof...which is why I contended that he wasn't that technically savvy
to be trying to find any *proof* of anything on anyone, and that upper
management also seems to be pretty clueless. It's a vicious circle in
my opinion. Clueless people beating up clueless people. It will never
end...not as long as the lowest bidder always wins--which is what gov't
is built around.
firewall-wizards mailing list