David Gillett wrote:
>
> On 7 Jun 2001, at 19:01, Zachary Uram wrote:
>
> > Why are ISPs so uncooperative?
> > Isn't it in *their* best interest as well to limit needless
> > bandwidth on their networks?
>
> ONLY if the ongoing cost of filtering out that bandwidth is less
> than the ongoing cost of owning the extra capacity to carry it. And
> I'd bet that the latter always comes out negligible....
> [This assumes, of course, that they define "best interests" in
> terms of the quarterly bottom line.]
>
Great point. Isn't that also the case with just about everyone in the
chain? Everyone needs to make some effort and take some of the
responsibility for securing systems/networks.
How many people here have done a security assessment for a customer and seen
them not correct the problems that were pointed out to them? I'd bet
everyone. I'd also bet that every security assessment -- even the poorly
done ones -- state somewhere that the customer needs to stay on top of
patches for all firewalls/servers/etc. How often do you expect that fairly
simple task is done? The recent spate of IIS defacements speaks volumes to
that point.
There are even relatively easy free tools available for the most clueless
computer users. Steve Gibson's web page port scanner and MS's Windows
Update utility are good examples. There are always going to be
vulnerabilities in software. Especially in those that are targeted for the
general masses. Look at how long McDonalds has been selling hamburgers. An
infinitely simpler process than designing a piece of software (let alone a
whole OS), yet the occasional animal/human body part still shows up.
There are plenty of processes that are easy and cheap, especially in
contrast to the consequences of not performing them, yet people don't do
them (auto care, dental care, health care, etc). I guess the point I'm
trying to make is that we'll all have jobs for the foreseeable future. ;-)
____________________________________________
Above opinions are mine and not necessarily
those of my company, ISP, family, etc.
#include <std_disclaimer.h>
David Caplan dac<AT>tresys.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
