> Let me give you a scenario. I, Unlucky Ben, have just left XYZCorp after > a disagreement with my manager. Said manager, Evil Bill, decides to have > the last word. Having access to all the servers, Evil Bill extracts the > private key from the Baltimore UniCERT server, just as it is in the > process of whipping up another ham omlette. Armed with the private key, > Evil Bill fakes up firewall logs showing me logging in via VPN to the > firewall, accessing one of the servers and defacing the XYZCorp website > with pictures of camels in sexual congress. Signing the logs with the > private key, Evil Bill (who seems to know a lot about this sort of stuff > for a manager) then replaces yesterdays logs on the collector with the > new, signed logs, calls the FBI and off I go (apparently) to jail, where > a large man called Susan wants to be my special friend. Unlucky.
Just show him the pictures of the camels. That ought to give Susan pause. Or maybe not. Maybe Susan AND the camels will insist on being your special friend. Now aren't you a lucky guy. Kidding aside a very good point. And well taken in this security adled time. Patricia Brown, CNA5, MCP, A+, CUSA Desktop Support Analyst [EMAIL PROTECTED] _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
