> Tim,
>
> An intelligent person knows where to get information and admits he
> doesn't know everything. Jeffery's logic makes sense to me.
[Feeney, Tim] What I was commenting on is not his lack of
knowledge. Him knowing of this list and using it was more than a lot of
people know how to do. What I was commenting on was the "I am just the
auditor ..." message. It is a dangerous attitude to have when performing an
auditing role. If you do not have a general knowledge of things then the
admins can quite easily pull the wool over your eyes. In his initial
question he asked about proving there was no .rhosts file. Well the admin
can just do and "ls" of each home directory and there is the proof there is
no .rhosts file. This holds true unless you know that an "ls" would not
show dotted files. Not brain surgery but it is important.
> He doesn't
> know something and he asks those who do. Unfortunately he (and everyone
> else) gets replies from those who feel a need to show us just how
> brilliant
> they really are.
[Feeney, Tim] I was far from showing how brilliant I am in that
post :^) I am not a security expert, nor do I play one on tv. The point
was that a general knowledge is needed to perform the auditing function. I
did not comment on him, his intelligence, or that Big 6 firms are full of
idiots.
> It is one thing to be stupid - it is another thing to open your mouth
> and prove it.
[Feeney, Tim] It is one thing to be an ass, it is another thing to
prove it.
> I have a question for you. Differential Manchester Encoding. What is
> this? Does it go through a firewall?
[Feeney, Tim] Don't know but you can find out more about it at
http://www.seeq.com/80208023A.html .
Regards.
[Feeney, Tim] PS. Jeffrey the "good luck" was sincere, even though
when I reread the post it came across as snide.
> -----Original Message-----
> From: Feeney, Tim [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, March 11, 1999 7:27 AM
> To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
> Subject: RE: Audit Issues
>
> Given this logic I should be able to go in and audit the financial
> books for
> my company. I would be the auditor, not the person doing the books.
> The
> point that needs to be understood is that you need (at least) an
> intermediate knowledge of firewalls and security in order to provide
> a
> decent audit for your customers. Do you need to know the 7 layers
> of the
> OSI model? Not really but you should understand the difference
> between an
> application gateway and a packet filtering firewall. Good luck with
> your
> auditing career.
>
> Tim
>
> > -----Originarl Message-----
> > From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
> > Sent: Wednesday, March 10, 1999 8:45 PM
> > To: [EMAIL PROTECTED]
> > Subject: Audit Issues
> >
> > My thanks to all the members of the list who answered my questions
> about
> > audit
> > issues privately! Thank you! You are a great resource. I am the
> auditor
> > not the
> > person installing the firewall!
> >
> > Jeffrey Loewenstein
> > [EMAIL PROTECTED]
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
