Right said Omar, thats why security companies are investing million of $s and working on Products like NIDS, hIDS and other secuirty products like Vulnerability assessment/management etc.. Frank, don't you believe that a Techie can even harden a MS OS to protect it from Virus/Worm attack or from some vulnerability exploit attacks... But still he would like to keep his machine upto-date with MS patches and with antivirus service always running, may be hIDS running or probably with NIDS installed on network..just to get on safer side and to minimize the security risk and above all to go into relax mode by reducing administartive tasks... Same way IDS, HIDS, Antivirus all are protecting the networks,hosts at different layers...Leaving the Network administrators with least administrative work... If you want to see the Administrator running in company shouting "hey, theres spyware", "oops! I missed to harden this machine". In this case you can surely offer that job to Omar ;-)
-Dhruv --- Omar Herrera <[EMAIL PROTECTED]> wrote: > > > > -----Original Message----- > > From: Frank Knobbe [mailto:[EMAIL PROTECTED] > > Sent: Saturday, October 15, 2005 3:06 AM > > > > On Fri, 2005-10-14 at 10:03 +0100, Omar A. Herrera > wrote: > > [...] > > > I do agree with you that layered security is > always the best option, > > even if > > > there is some redundancy in some of the > activities performed by > > different > > > kinds of products. > > [...] > > > > > > What I'm trying to say is: > > > > Stop wasting your time wrapping more band-aids > around flaws! Start > > attacking the real problem and solve that! Stop > buying into the security > > buzz spun by security vendors promising the > all-curing pixie dust, and > > understand and correct the core root causes of the > problem yourself! > > > > If we don't look at the real issues anymore, then > all hope is lost. > > > > Yea right... it is easy to be a purist and just > point out at the right > theoretical solution. You are absolutely right, but > if making those changes > were just as simple as saying it... > > I'm not talking to the technological part of the > problem here, but to > administrative problem. You really think it is so > simple to just go with > your Boss and say: "Hey Boss, we need to replace all > those workstations with > X because of this and this, throwing away and > historic dependency of dozens > of versions for thousands of applications, many of > which don't exist for X > for several reasons, but we can simply develop them > ourselves"? > > You better offer me a job in your company (where it > seems it is possible to > do this), because if I do this, I'm certainly going > to get kicked out of > mine :-) > > Understanding and complying with business > requirements and restrictions is > also an essential part of our jobs, not just playing > the techie, all > powerful, know all wizard. > > Regards, > > Omar Herrera > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
