TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
On Sat, 21 Jul 2001, Johnny Kho wrote:
[tips on CLI in agents]
Thanx for the tips about the CLI on the agents. I will certainly
look into it, though I know for a fact that my management prefers an off
the shelf product to something we have to build ourselves (or we would have
used nessus :))
> Totally agreeable on the engineers and business precedence over security
> statement...sad to say IT or engineering careers always demands the most out
> of anyone's personal time and life. Business always rules and security as an
> afterthought ...sad reality and total diasaster when business is affected
> due to this oversight.
This is why I feel it is sad that the attitude (per my last email
about the 2 kinds of engineers) is that if you don't care, you go to
business school. I feel that if you don't care, you get out. Period. Oh
well :) Seriously though, I think everyone here should be educating their
management as to why security is actually good business sense (just like
backups and so on).
> Lastly, it is really a business case for a feature to be included. I have
> asked previously and presented with the following task...
>
> You will need to reflect the size of deployment; corporate implications
> faced and probably expected development path eg. growth
For me, you're looking at a company recognized around the world,
you are looking at corporate deployment for scanning _ALL_ our servers in
about 5 data centers (not including our subsidiaries) and 150,000
employees. Oh, we've been in the top 5 fastest response websites for a
long time too :) That's why our data center folks rulez! They know they
can't depend on NT for such things *evil grin* *tweaks those buttons* :)
> If you can consolidate this data for your organisation; push it through to
> your management; get someone higher up to sign off...
We have. Why do you think we still don't have it deployed.
However, times are hard, and budget cuts mean we have to go with something
that we have already paid for, rather than a brand new contract with
another company. No one on the team wants to run it on NT. No one in the
security dept (which I belong to) wants to run it or any other mission
critical or security software on NT.
> That will be a case for ISS guys to take note and get funds and manpower
> into the development task.
They have known about our concerns for a long time now. Until I
got on to the team, they don't have a person who's willing to speak up and
speak up loudly and publicly for what he feels is wrong. And sorry about
being inflammatory here guys, but running security software on a platform
where security is forced to take a back seat gets me just *right there* :)
-Tai
--
http://philip.greenspun.com/bg/
http://www.vcnet.com/bms/features/serendipities.html
http://www2.hunter.com/~skh/humor/admin-horror.html
http://www.despair.com/demotivators/cluelessness.html
