Re: Small ISP/ASP security concerns

From: Ben Okopnik (fuzzybear@pocketmail.com)
Date: 07/23/01


Date: Sun, 22 Jul 2001 20:29:34 -0400
From: Ben Okopnik <fuzzybear@pocketmail.com>
To: security-basics@securityfocus.com
Subject: Re: Small ISP/ASP security concerns
Message-ID: <20010722202933.B450@pocketmail.com>

On Thu, Jul 19, 2001 at 10:12:54AM +0200, Oliver Rochford wrote:
> My advice, although it is a very drastic measure, is to set up a mock hack.
> Get someone to actually demonstrate to the company how vulnerable they are,
> and let something get hit hard that is really important (without destroying
> anything permanently, obviously).
> The only way some people learn is through feeling the consequences.

The only problem with *that* is that you, the admin, get fired for
incompetence - and your friend who does the "mock hack" goes to jail.
Management, when _proven_ to be fools, does not react by becoming
enlightened; instead, they take revenge on people who showed them to be
fools.

Ben
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Don't accept your dog's admiration as conclusive evidence that you
are wonderful. -- Ann Landers