On Fri, 8 Oct 1999, Brian Steele wrote:
> We block all sites except for approved ones. Moving to this security policy
> after allowing unlimited access is a bit like trying to stuff the genie back
> into the bottle after you've let him out :-).
Heh, boy can I relate. I just took a job a medium size company
as the head web/dns/email guy and since I have a background in security
my boss asked me to look at their security.. wow..what a nightmare.
I am gonna need a hell of a big bottle to stuff this genie back in.
Needless to say I am now focused totally on security after I presented
a huge vulnerability report. We already had several security policy
meetings with all the departments.
It was like a bunch of cats fighting in a blackboard factory. Boy
I really know how to stir up the pot:)
Mike
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
