Get ready to a long lecture(just felt like writing a novel, but instead I wrote a smartass kinda letter): this just show how naive are administrators today. anyway, as u know or not know u don't have to be a hacker today to do what the hell u want. if I wanna surf whatever the bleeping I want, I can do it and be sure every person who know how to operate a computer. I have a dozen ways in mind. well, its pretty twisted as security guys goes but that's not saying it can't be done. your system can be hacked and any security system in the world can be hacked with a butter knife. in fact there isn't a security system safe from a little creative thinking by your usual or not usual cracker or hacker. the former is what you gotta watch out from. I am telling you, from a security point of view(POV) you must dump this thinking right now or you are gonna get burned, or at least loose face with your boss (if you are the boss then disregard). Anyway, seeing hackers 2 with the script writers taking their creative liberties to new heights doesn't make you a security expert. Even if this movie is making an actual description of reality I would beg the differ it have something to do to this discussion. mitnick is what you call a social engineering dude. these guys have evolved from the gentlemen hasslers of the 18 century. they use their brains to mess with yours, and actualyhave limited understanding of what goes beneath. the problem with mitnick is that: a) he is not a gentlemen, maybe a moron + but thatsthat. b) has what we call narcissism++.
this is why he was caught. but mitnick or even crackers are not, I repeat not your real problem. they are a transient beings who seldom attack your system, especially if they are not going to profit on you. and the hackers are harmless, just cursing for some publicity. what you REALLY really watch out from is the disgruntled worker who knows he is gonna get fired. you know what's the dumbest thing to do with a worker you just fired? giving him 2 weeks or even worse 1 month notice. I don't know what is your backup policy but most of the attacks that damaged companies came from their own employees. you say, what are these nice and silent guys are gonna do. let me give you a realization of the situation: 1) if your company is doing long term calculations, the disgruntled employee can just mess up a few bits or two at the start of the calculation and mess up a month work. 2) if you have a 2 weeks / month of backup cycle, the worker can put an encryption on some or all of the material with a pretext and then when he leaves he can make the private keys disappear. 3) he can mess up some of the database that are used to doing statistical inference, and cost the company a huge amount of money by miss prediction. 4)... and on and on, as there are endless ways in a twisted mind to destroy some else's creation. well, that's it folks, I had enough lecturing for one day. * - * - * Tzahi Fadida [EMAIL PROTECTED] Technion Email: [EMAIL PROTECTED] My Cool Site: HTTP://WWW.My2Nis.Com * - * - * - * - * - * - * - * - * - * WARNING TO SPAMMERS: see at http://members.lycos.co.uk/my2nis/spamwarning.html > -----Original Message----- > From: Robert Wallner [mailto:robert@;elinux.eu.org] > Sent: Wednesday, October 30, 2002 10:03 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: upcoming java ssh2? > > > On Wednesday 30 October 2002 17:20, Tzahi Fadida wrote: > > i disagree, since as long that there will be free access to internet > > I don't think corporate employees using their windoze box to > run kazaa and > other crap can be called "free internet access" > AAMOF, I run several networks full of idiots trying to bypass > network's and > company's policies. I don't give a dime about them screwing > their beloved > crappy desktop, but I care when a dumb ass chews up all > available bandwith > using a service he isn't supposed to > > > so what i am trying to say is that there is no way to > restrict a person > > while working on the internet if he doesn't want to be > restricted, short > > of arresting that man > > As long as you are connected behind a decent network > administrator's filtering > gateway, there is always a way to restrict what you can do > and what you > can't > > > ...(i.e: if you can find him:) > > I also saw "Hackers 2", but they finnaly caught him :) > > Regards, > Robert Wallner > > > > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
