Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id <S132769AbRC2QwX>; Thu, 29 Mar 2001 11:52:23 -0500
Received: (majordomo@vger.kernel.org) by vger.kernel.org
	id <S132795AbRC2QwO>; Thu, 29 Mar 2001 11:52:14 -0500
Received: from mx2out.umbc.edu ([130.85.253.52]:9143 "EHLO mx2out.umbc.edu")
	by vger.kernel.org with ESMTP id <S132769AbRC2QwI>;
	Thu, 29 Mar 2001 11:52:08 -0500
Date: Thu, 29 Mar 2001 11:51:26 -0500
From: John Jasen <jjasen1@umbc.edu>
X-X-Sender: <jjasen1@irix2.gl.umbc.edu>
To: "Richard B. Johnson" <root@quark.analogic.com>
cc: <linux-kernel@vger.kernel.org>
Subject: Re: Linux connectivity trashed.
In-Reply-To: <000701c0b854$f2cf4f10$1428b2cc@DJLAPTOP>
Message-ID: <Pine.SGI.4.31L.02.0103291144580.1722949-100000@irix2.gl.umbc.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 29 Mar 2001, Richard B. Johnson wrote:

>snipped<

First mistake:
	your security administrator relied on the firewall for protection.
It is an _aid_ to security; not the 'be all and end all'. IOW, the hosts
weren't hardened to resist penetration in case the firewall didn't cover
it.

Second mistake:
	your security administrator didn't make known the changes taking
place, so that clueful users could have taken some preventative steps on
their UNIX boxes.

Third mistake:
	your security administrator either didn't know about; didn't care
about; or didn't act on security problems for linux and solaris -- which
have been posted, discussed, and addressed on many general or OS-specific
security lists.

Fourth mistake:
	your security administrator, rather than address the problems, is
sticking his head in the sand and mumbling 'Windows' -- which, as an OS,
is a christmas tree where every bauble says 'please hack me!'.

In short, your security administrator needs to be dragged out, shot, and
left hanging by the front door as a warning to his replacement.

Or, at least fired.

-- 
-- John E. Jasen (jjasen1@umbc.edu)
-- In theory, theory and practise are the same. In practise, they aren't.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/