On Wed, 05 Sep 2007 16:52:56 EDT, Dude VanWinkle said: > On 9/5/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > 1) Only allow whitelisted systems - we have a *lot* of boxes that we only > > allow access to AS1312 systems, or specific subnets thereof. Works great, > > and > > the subnets move a lot less than botted systems. > > and if the whitelisted subnets get hacked? Whats your plan then? Baseball bats. :) But seriously, we've got some 1,100 SNMP-managed switches and 1,300 or so wireless APs on our network, and we've got pretty much of a handle on how to deal with a compromised box. We've even got things in place to deal with the case of a compromised box on our management plane (and they're more concrete than just "Oh shit..." ;) > I would buy that, just for kicks.. and BTW/FYI an alarm system will > only keep out dumb burglars (I.e.: the hamburglar). I said a security system, not an alarm system. Note that some places have *very* *good* security systems in place (bank vaults, those types of sites that actually buy GSA Class 5 document containers, most nuclear warheads when they're not on tour, and so on... ;)
pgpyNiwQWKj5S.pgp
Description: PGP signature
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
