>From the below mentioned article:
"The result? Perhaps the BL4F Crew summed it up best in a posting to the
Nintendo sites: 'Security is a complete myth on the Internet. It's
frustrating. That's what it is.'"
Does anyone else have a real problem with this statement? I don't believe
security is a myth on the internet. I believe that the majority of systems
administrators don't understand the importance of security issues. These
major exploits were for a program for which patches have been available for
nearly a month. There is no excuse for the security team not having
installed these patches.
My point is that it *is* possible to achieve real security on the internet.
It takes hard work, and constant vigilence, but it is possible. Whats
frustrating is that while I work hard to keep my server secure, there are
hundreds of other admins that through their lack of effort allow hackers to
use their machines to attack mine.
I work for an IT outsourcing company, and I have seen many servers be made
"public" without so much as a single admin being responsible for their
security. The newest user-friendly server appliances make having your own
public server seem easy. The truth is that it is not easy. It takes work,
and time, even on a cobalt.
The next time one of your clients says, "I'd like to host my own web
site..." show him this article.
And look, I found a much better article that makes my point:
http://www.zdnet.com/tlkbck/comment/321/0,7091,107937-751498,00.html
Kevin
----- Original Message -----
From: "Gerald Waugh" [EMAIL PROTECTED]
> Interesting article on Bind exploits.
> http://www.zdnet.com/intweek/stories/news/0,4164,2694514,00.html
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
