[71068] in North American Network Operators' Group
Re: IT security people sleep well
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Mon Jun 7 22:20:50 2004
To: Stephen Sprunk <stephen@sprunk.org>
Cc: North American Noise and Off-topic Gripes <nanog@merit.edu>
In-Reply-To: Your message of "Mon, 07 Jun 2004 20:46:36 CDT."
<02ea01c44cfa$83817190$6401a8c0@stephen>
From: Valdis.Kletnieks@vt.edu
Date: Mon, 07 Jun 2004 22:20:27 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-742344690P
Content-Type: text/plain; charset=us-ascii
On Mon, 07 Jun 2004 20:46:36 CDT, Stephen Sprunk said:
> In spite of all that, I do encourage using SSH whenever possible, but
> believing there is no cost associated with doing so is foolhardy. Depending
> on the perceived level of threat, one might consider other security projects
> to be a higher priority. We all have to deal with limited funding and
> staffing for projects, even for critical functions like security.
Amen to that. It's the rare shop indeed that internal security projects are
high priority - are there *any* shops where "track down user XYZ and smack
them upside the head *again*" isn't the most pressing issue, with "Find a way
to muzzle XYZ so they can't click on it *again*" is number 2?
(I suspect the two categories of shops are "Yes, *again*", and "Usage of
live ammo is a realistic option"... ;)
--==_Exmh_-742344690P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFAxSJqcC3lWbTT17ARAtPGAKDCDlbe23281+kiyKOR85uTAfCcfwCgtz+V
waYsoINgkir5kUgwGTV2eT4=
=MoBD
-----END PGP SIGNATURE-----
--==_Exmh_-742344690P--
