It doesn't surprise me in the least, this kind of normal buisness practice
creeping into the network security area. Almost anyone can get a
MCSE, or a drivers license, regardless of their ability to
adhere to the "standards" these documents proclaim the holder to possess.
Security through obscurity having been proved to be insecure, people still
use closed source OS' as the foundation of a secure network. The reason?
Profit. This incident is just a more naked and revealing case of the
current state of affairs.
Does this mean I'm some sort of OS/firewall/security guru? No, and in
fact, I'm not, nor do I proclaim to be one. That's my point, isn't it.
"I'm ready to tell you my secret, I see dumb people. They're everywhere,
and they can't see each other."
The Sixth Cents.
On Mon, 13 Sep 1999, Burgess, Jeff wrote:
>
> Frank,
> I just thought you should see how your vendors are dealing with you.
> I would definitely take what corrective action you are allowed in your
> area, and not deal with this guy again... You may want to spread the word
> as well to other local area businesses.
> Network security is a very serious issue, and people like this make me
> sick my preying on less knowledgeable individuals.
>
> Here is the info to the Better Business Bureau:
>
> http://www.bbb.com/
>
> Council of Better Business Bureaus, Inc.
> 4200 Wilson Blvd., Suite 800
> Arlington, VA 22203-1804
> Phone: (703) 276-0100
> Fax: (703) 525-8277
>
>
> -----Original Message-----
> From: Benjamin Filippelli <[EMAIL PROTECTED]>
> To: NT System Admin Issues <[EMAIL PROTECTED]>
> Date: Saturday, September 11, 1999 11:56 PM
> Subject: [ntsysadmin] Re: 9/9/99 Bug
>
>
> |Funny you mention that, we recently did a network for a homeless shelter
> |organization and connected their two offices via frame. We wanted to put at
> |least proxy on it, since they only paid like 10 dollars for it under the
> |'non profit' rules from microsoft. However, they didnt want to spend the
> |extra 400 bux for labor. The guy looked right at me and said in his own
> |words "Luckily, we are a homeless organization, and no one cares about us"
> |after being up for less than 120 days and having his mail server
> |compromised, we are installing fw-1 next week ;).
> |
> |
> |at double the rate I might add heh heh
> |
> |
>
>
>
> -----Original Message-----
> From: Jan Kalicki [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, September 12, 1999 4:27 AM
> To: NT System Admin Issues
> Subject: [ntsysadmin] Re: 9/9/99 Bug
>
>
> I usually don't care about peoples business practices but I agree with Marc
> on this one, anyone who ENJOYS the fact that they can charge twice of work
> is (in this case) morally homeless.
>
> You reap what you sow
>
> Jan Kalicki
>
> -----Original Message-----
> From: Marc [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, September 11, 1999 5:10 PM
> To: NT System Admin Issues
> Subject: [ntsysadmin] Re: 9/9/99 Bug
>
>
> Well.. Personally I would not go around saying "We setup a network, it got
> hacked, now we are resetting it up to be secure and charging them out the
> a$$." Especially if the client was a non-profit organization who tries to
> help the homeless. So personally I would not feel to good... for the fact
> that I setup an insecure network and for the fact I profited off it, twice.
>
> Please don't take any of the above personal... its just that .. I guess it
> reminded me of how 70% of the network/security companies do "business" and I
> usually find myself reaching for the nearest bag to puke in.
>
> Also ... FW-1 means nothing if we are dealing with an incoming mail server
> that has remote flaws... people will still be able to break in.
>
> Signed,
> Marc
> eEye Digital Security Team
> http://www.eEye.com
>
> "I live a world of paradox. My willingness to destroy is your chance for
> improvement. My hate is your faith. My failure is your victory. A victory
> that won't last."
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
