On Mon, 07 Jun 2004 20:46:36 CDT, Stephen Sprunk said: > In spite of all that, I do encourage using SSH whenever possible, but > believing there is no cost associated with doing so is foolhardy. Depending > on the perceived level of threat, one might consider other security projects > to be a higher priority. We all have to deal with limited funding and > staffing for projects, even for critical functions like security.
Amen to that. It's the rare shop indeed that internal security projects are high priority - are there *any* shops where "track down user XYZ and smack them upside the head *again*" isn't the most pressing issue, with "Find a way to muzzle XYZ so they can't click on it *again*" is number 2? (I suspect the two categories of shops are "Yes, *again*", and "Usage of live ammo is a realistic option"... ;)
pgpV2aEoU8lCc.pgp
Description: PGP signature
