Michael J McCafferty wrote: > I was not involved with American Express, CNN, or the SD Courts, and I > don't have any knowledge of those specific incidents however some of the > "others" you imply or do not name specifically I was involved with... > one government example was shut down for a few days for major > architectural changes to the network security infrastructure at about > that time. The cleanup/disinfection/forensic investigation performed for > the cracked systems was handled in the traditional way without delay or > extraordinary effort. But, those that handled the security compromise > illustrated to the organizations management how likely it was that they > would get owned again immediately and how irresponsible their current > setup was given the type of data stored and transmitted. I was impressed > with how quickly a government office approved the proposed fixes which > involved budgetary commitments and operational changes including 24x7 > human monitoring of intrusion detection/prevention systems and firewalls > for both ingress and egress traffic.
Perhaps you would consider giving a talk sometime about "network security infrastructure" or some related subtopic? Even simple anecdotal stories of your personal experiences would be something I'd like to hear. >.. Regards, ..jim -- KPLUG-List@kernel-panic.org http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
