[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Bind News
- Subject: Re: [cobalt-security] Bind News
- From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
- Date: Wed, 21 Mar 2001 10:22:25 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Nono. You don't have to pay for security. Anything a security consultant
can do, you can also do yourself for free. True, you have to spend time
to learn whatever it is you need to learn, but thats true with anything
computing, innit?
Network security has always been one of those things with indivuals have
driven with free information, and which corperations and indiviuals have
tagged along with and tried to make profit out of.
Gossi.
Not paying anybody to read logs and secure things on *lab6.com since
1997.
On Thu, 15 Mar 2001, Adam Sculthorpe wrote:
> It really is simple..
>
> Are you prepared to spend the appropriate time and/or money on security?
>
> NO - Get hacked
>
> YES - Reduce your chances of being hacked
>
> Remember when you bought your hardware, you handed over some cash. Remember when you
> bought that software the other day, you handed over some more cash. And you know that big fat
> graphics card you spent a fortune on to play counterstrike, hey you handed over more cash.
>
> You want some security, guess what?
>
> Regards,
>
> Adam Sculthorpe
>
> Internet Security Consultant
>
> *********** REPLY SEPARATOR ***********
>
> On 15/03/2001 at 11:25 Kevin D wrote:
>
> >From the below mentioned article:
> >
> >"The result? Perhaps the BL4F Crew summed it up best in a posting to the
> >Nintendo sites: 'Security is a complete myth on the Internet. It's
> >frustrating. That's what it is.'"
> >
> >Does anyone else have a real problem with this statement? I don't believe
> >security is a myth on the internet. I believe that the majority of systems
> >administrators don't understand the importance of security issues. These
> >major exploits were for a program for which patches have been available for
> >nearly a month. There is no excuse for the security team not having
> >installed these patches.
> >
> >My point is that it *is* possible to achieve real security on the internet.
> >It takes hard work, and constant vigilence, but it is possible. Whats
> >frustrating is that while I work hard to keep my server secure, there are
> >hundreds of other admins that through their lack of effort allow hackers to
> >use their machines to attack mine.
> >
> >I work for an IT outsourcing company, and I have seen many servers be made
> >"public" without so much as a single admin being responsible for their
> >security. The newest user-friendly server appliances make having your own
> >public server seem easy. The truth is that it is not easy. It takes work,
> >and time, even on a cobalt.
> >
> >The next time one of your clients says, "I'd like to host my own web
> >site..." show him this article.
> >
> >And look, I found a much better article that makes my point:
> >http://www.zdnet.com/tlkbck/comment/321/0,7091,107937-751498,00.html
> >
> >Kevin
> >
> >----- Original Message -----
> >From: "Gerald Waugh" gerald@xxxxxxxxx
> >
> >> Interesting article on Bind exploits.
> >> http://www.zdnet.com/intweek/stories/news/0,4164,2694514,00.html
> >
> >_______________________________________________
> >cobalt-security mailing list
> >cobalt-security@xxxxxxxxxxxxxxx
> >http://list.cobalt.com/mailman/listinfo/cobalt-security
>
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>