Re: [Full-disclosure] Need some help with management

From: Paul Schmehl <pschmehl_lists@xxxxxxxxx>
Date: Thu, 22 May 2008 12:24:35 -0500

--On Thursday, May 22, 2008 09:51:01 -0700 Daniel Sichel
<daniels@xxxxxxxxxxxxxxxx> wrote:

My management here wants to put a server on our LAN, not administered by us
(the IT department) and use a share on it to serve files and data to our
workstations. They do not understand why having a server with a file share
that is NOT part of our secure infrastructure represents a threat to the
computers accessing it. Keep in mind this is an all Windows network. Sooo, if
you guys can succinctly explain why having a trusted computer trust an
untrusted computer is a problem, that would be helpful. Keep in mind we are
talking to management here. It’s kind of like trying to explain why, when
you are in the United States, it’s a bad idea to drive on the left hand
side of the road. It’s just so basic it’s not documented anywhere. So,
please help me explain why netbios and file shares on machines not within
your network are bad ideas.

OK.

So, Mr. PHB, why is it that your chauffeur stays with your limo when you're not
there? Because you don't want to trust your limo to just anybody?

:-)

--
Paul Schmehl
As if it wasn't already obvious,
my opinions are my own and not
those of my employer.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Need some help with management
  - From: Kurt Dillard

References:
- [Full-disclosure] Need some help with management
  - From: Daniel Sichel

Prev by Date: Re: [Full-disclosure] Need some help with management
Next by Date: Re: [Full-disclosure] Need some help with management
Previous by thread: Re: [Full-disclosure] Need some help with management
Next by thread: Re: [Full-disclosure] Need some help with management
Index(es):
- Date
- Thread

Relevant Pages

eGroupWare (was Re: [opensuse] wheres novell? (bit of a rant))
... For server end Synchronisation there is also Funambol/Sync4j ... Project management, knowledge base, wiki, accounting, ... from my experience of using egw on a kind of extended trial... ... this is something I believe Funambol does better. ...
(SuSE)
Managing our complete company using Microsoft products
... Directory, Mail Server, File Server and Print Server. ... Directory and network, while the other one has 6 peer-to-peer Windows 2000 ... We do not have a system administrator, and we do not have the resources or ... who wrote this are doing all of their project management and enterprise ...
(microsoft.public.project)
Managing our complete company using Microsoft products
... Directory, Mail Server, File Server and Print Server. ... Directory and network, while the other one has 6 peer-to-peer Windows 2000 ... We do not have a system administrator, and we do not have the resources or ... who wrote this are doing all of their project management and enterprise ...
(microsoft.public.office.misc)
Re: Leveling by ID vs. "Standard"
... of this trade called Project Management. ... a database for the "Project Tables," ... to write reports on data from the server database. ... product supporting queries created with SQL. ...
(microsoft.public.project)
Re: Package Cannot Be Located
... There was any entry in the System Management ... container for the old server. ... "Bernie Kilshaw" wrote: ... I'd then install a new client and check that it picked up the new MP data. ...
(microsoft.public.sms.misc)