> -----Original Message----- > From: Ron DuFresne [mailto:[EMAIL PROTECTED] > Sent: Thursday, 31 July 2003 10:20 a.m. > To: Bojan Zdrnja > Cc: [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] Avoiding being a good admin - > was DCOM RPC exploit (dcom.c) > > Cool, perimiter security and forcing users to text only based e-mail > clients liek e-mail was intended <grin>.
See Paul's post about recommending that to a dean, VP or whatever else. > Eucation works poorly. Educate you users and then 30 minutes later some > of thm will go to their everything-AND-the-kitchen-sink desktop OS, click > on that same mass mailed exe you just told them not to click on, and > reopen the need to once again re-educte your userbase cycle. Of course 9 Then you are a bad teacher. A good teacher will deliver that knowledge to his students in a way that will let it stay in their minds. > out of 10 times it;s going to be one of the upper mgt folks that pushed > for the employee education project that does the uncondoned clicking of > that exe... We can fight against that with other layers of security. However, only education will raise security awareness. Regards, Bojan Zdrnja _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
