RE: [Full-Disclosure] RE: power, corruption and lies

• Previous message: Schmehl, Paul L: "RE: Re[2]: [Full-Disclosure] pissed off"
• In reply to: Ron DuFresne: "Re: [Full-Disclosure] RE: power, corruption and lies"
• Next in thread: fxr_at_hushmail.com: "Re: Re[2]: [Full-Disclosure] pissed off"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <full-disclosure@netsys.com>
Date: Tue, 29 Apr 2003 09:25:33 +1200

You know, the worse part is that there will be
people reading this list thinking "Whats this got
to do with 'full disclosure'? Whats this got to
do with security?"

Its totally relevent; security considerations
and vulnerabilities start WELL before a computer
system is connected to the internet. Well before
its powered up for the first time. Even before
the computers have their software and OS installed.

It starts with decisions taken by executives, managers
or 'general public' who go out and buy a computer
at some computer mega-mart complete with free years worth
of AOL account.

The mind set of these sorts of people is *key* to establishing
security of the internet.

Theres no point closing the stable door (applying patches)
after the horse has bolted (management decided to buy SCO UnixWare,
for example).

> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com
> [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
> Ron DuFresne
> Sent: Tuesday, 29 April 2003 4:01 a.m.
> To: yossarian
> Cc: jasonc@science.org; Steve Wray; full-disclosure@netsys.com
> Subject: Re: [Full-Disclosure] RE: power, corruption and lies
>
>
>
>
> You have to understand, UPPER Management, once it exists, cannot be
> destroyed except by death or calamity. Thus while your CEO might well
> drive your corporation into banruptcy, rest assured that a
> few weeks and

[huge great snip, this is archived somewhere anyway]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Previous message: Schmehl, Paul L: "RE: Re[2]: [Full-Disclosure] pissed off"
• In reply to: Ron DuFresne: "Re: [Full-Disclosure] RE: power, corruption and lies"
• Next in thread: fxr_at_hushmail.com: "Re: Re[2]: [Full-Disclosure] pissed off"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Actual Security Cases ... Educate your manger on the importance of Security.Tell him,Security should ... Management to Technical).I come across lot of security related incidents ... I know that it's a risk to forward corporate mail to internet ... >opinion the stories in the book "Tangled Web" are just a starting point ... (Security-Basics) RE: CISSP-ISSMP ... management say "that's nice", and move on. ... education, certification, experience, know-how, abilities, and ... Many 'security jobs' are nothing shy than that of an overly glorified ... Download FREE whitepaper on how a managed service ... (Pen-Test) RE: security not a big priority? ... But I have found that upper management will only ... and push out the changes; management has to have this information to ... Network Security Engineer ... Network team with Project Management tasks. ... (Security-Basics) RE: Down with DHCP!!!! ... Managing/monitoring the DHCP pools as assignments yourself ... -Other management tools as in Asset ... Security Administrator ... Network Operations-ICW Group ... (Security-Basics) Re: [fw-wiz] Securing a Linux Firewall ... site, management wants to use IM/ICQ/etc, different businuss groups want ... protocols from the ground up to fix the issues of security. ... > a minimal install as Known Good is an act of hopeful optimism that I ... need a whole department broken into OS/hw groups to maintain proper builds ... (Firewall-Wizards)