On Tue, 2005-05-10 at 10:24 -1000, Scott Weeks wrote:
> Don't give folks that have access to machines that hold sensitive
> info the ability to download software unless you know they're savvy
> enough to do so safely.
I don't see that as root of the problem.
To me the real problem is in the
: Eventhough this article wasn't specifically regarding network operations, it
: does come down to the most fundamental of network operating practices.
: Create policies and the procedures that enable those policies. Then enforce
: them VERY strictly.
: Folks that handle sensitive info (proprie
es trying to keep things right!
Scott
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Scott Weeks
Sent: Tuesday, May 10, 2005 2:16 AM
To: [EMAIL PROTECTED]
Subject: Re: Internet Attack Called Broad and Long Lasting by Investigators
Eventhough th
This part:
"The crucial element in the password thefts that provided access
at Cisco and elsewhere was the intruder's use of a corrupted
version of a standard software program, SSH. The program is used
in many computer research centers for a variety of tasks,
ranging from
Eventhough this article wasn't specifically regarding network operations,
it does come down to the most fundamental of network operating practices.
Create policies and the procedures that enable those policies. Then
enforce them VERY strictly.
The crucial element in the password thefts that