Re: [JOB / Recommendation] Evil documentation

2002-07-18 Thread David Cantrell
On Tue, Jul 16, 2002 at 02:37:55PM +0100, Chris Benson wrote: > On Tue, Jul 16, 2002 at 01:24:22PM +0100, Jonathan Peterson wrote: > > My company needs some security policies and procedures documentation. > > > > I have no intention of reducing my own sanity by actually sitting down > > to writ

Re: [JOB / Recommendation] Evil documentation

2002-07-17 Thread Greg McCarroll
* Richard Clyne ([EMAIL PROTECTED]) wrote: > Having been involved in producing these sort of policies for my company, > I think it will take a lot longer for them to be produced, unless you > don't mind having unenforceable policies from an HR perspective. > One of the ways to get around the e

RE: [JOB / Recommendation] Evil documentation

2002-07-17 Thread Richard Clyne
chard -Original Message- From: Jonathan Peterson [mailto:[EMAIL PROTECTED]] Sent: 16 July 2002 13:24 To: [EMAIL PROTECTED] Subject: [JOB / Recommendation] Evil documentation My company needs some security policies and procedures documentation. You know, the kind of thing that says in wr

Re: password expiry (was Re: [JOB / Recommendation] Evil documentation)

2002-07-16 Thread Aaron Trevena
On Tue, 16 Jul 2002, Michael Stevens wrote: > On Tue, Jul 16, 2002 at 01:34:19PM +0100, Nicholas Clark wrote: > > I'm not convinced that frequent password changing is good, because I find > > it seems to lead to either frequent password resetting by administrators > > (with inherent social engine

Re: [JOB / Recommendation] Evil documentation

2002-07-16 Thread Chris Benson
On Tue, Jul 16, 2002 at 01:24:22PM +0100, Jonathan Peterson wrote: > My company needs some security policies and procedures documentation. > > I have no intention of reducing my own sanity by actually sitting down > to write all this. So, does anyone know of any freelancers or cheap Good move

Re: password expiry (was Re: [JOB / Recommendation] Evil documentation)

2002-07-16 Thread Jonathan Peterson
Michael Stevens wrote: > On Tue, Jul 16, 2002 at 01:34:19PM +0100, Nicholas Clark wrote: > >>I'm not convinced that frequent password changing is good, because I find >>it seems to lead to either frequent password resetting by administrators >>(with inherent social engineering vulnerability) or

password expiry (was Re: [JOB / Recommendation] Evil documentation)

2002-07-16 Thread Nicholas Clark
On Tue, Jul 16, 2002 at 01:24:22PM +0100, Jonathan Peterson wrote: > My company needs some security policies and procedures documentation. > You know, the kind of thing that says in writing "Users must change > passwords every 30 days" and "Changes to firewall configuration must be Personally

[JOB / Recommendation] Evil documentation

2002-07-16 Thread Jonathan Peterson
My company needs some security policies and procedures documentation. You know, the kind of thing that says in writing "Users must change passwords every 30 days" and "Changes to firewall configuration must be approved in writing by the CTO" and so on. I have no intention of reducing my own sa