"Peter Walker : CISSP, CSS1, CIP wrote: > > Gaz wrote: > > > > > I use Windows XP remote desktop to a home PC and connect to > everything > > else from there. Bit of a strange set-up, but I use Internet > Connection > > sharing on the XP box and all the routers sit behind that. > > I suppose the security may not be wonderful?? > > No it isnt unless you have put some work into the security of > this > machine. > > > but to be honest I don't > > care. The XP machine can be re-built in minutes (ish). > > > It can once you realised it has been cracked. How > quickly do you think you can spot that it has happened? > Are you also volunteering your time and money to fix any > systems that are attacked from your machine? > > > Peter Walker > > PS. Sorry if I seem a bit harsh, but the fact is that in > my experience most 'attacks' that I have experienced originate > from poorly secured machines that people have foolishly placed > on the net. >
I agree with you, Peter. Recently I was at a conference with some security gurus. They were working on a system for ISPs to automatically notice and report to each other security problems. The system required the ISP to have an automomous system number. I pointed out that some ISPs don't have such a thing. There are still quite a few small ISPs that depend on other ISPs who depend on other ISPs, etc. The gurus sort of laughted at me. But really, a lot of the attacks are going to come from Grandma's PC that Grandson forgot to secure when he set up an ISP in his bedroom. If that's a bit extreme, I would also say that a lot of attacks are going to come from compromised computers behind cable or DSL modems, where the slightly larger ISP didn't stress security enough either. That's my $0.02 anyway. Comments?? Priscilla Oppenheimer Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=54902&t=54768 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]