Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: What could have been done differently?

  • From: E.B. Dreger
  • Date: Tue Jan 28 07:44:27 2003

SD> Date: Tue, 28 Jan 2003 03:10:18 -0500 (EST)
SD> From: Sean Donelan


[ snip firewalls, audits, et cetera ]

As most people on this list hopefully know, security is a
process... not a product.  Tools are useless if they are not
applied properly.


SD> Are there practical answers that actually work in the real
SD> world with real users and real business needs?

It depends.  If "real business needs" means management ego gets
in the way of letting talented staff do their jobs, having to
form a committee to conduct a feasibility study re whether to
apply a one-hour patch that closes a critical hole, drooling
over paper certs... the answer is no.

Automobiles require periodic maintenance.  Household appliances
require repair from time to time.  People get sick and require
medicine.  Reality is that people need to deal with the need for
proper systems administration.

It might not be exciting or make people feel good, but it's
necessary.  Failure has consequences.  Inactivity is a vote cast
for "it's worth the risk".

Sure, worm authors are to blame for their creations.  Software
developers are to blame for bugs.  Admins are to blame for lack
of administration.  The question is who should take what share,
and absorb the pain when something like this occurs.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@brics.com>
To: blacklist@brics.com
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@brics.com>, or you are likely to
be blocked.





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.