On Oct 9, 2007, at 12:41 AM, Alan Altmark wrote:
But the true gems in it are about human behavior: Failure to change
the
default passwords, failure to use an ESM to eliminate the need for
minidisk passwords, failure to reject trivial passwords, failure to
set a
low number for lockout of a userid due to excessive invalid passwords
within some time interval, putting mdisk passwords in EXECs, and so
on.
Most of those technology cannot fix.
Sure they can! Cutting the power is a technological fix.
Adam
