Moderator reminder: this isn't patching related. Reminder to move the conversation over to the ntsysadm list please.

Determine what countries you do business in. Block all non-essential companies at the firewall.
Egress filtering rules.

Susan Bradley
http://blogs.msmvps.com/bradley
http://www.runasradio.com/default.aspx?showNum=390

On 12/16/2014 2:24 PM, Julian Harper wrote:
I agree, but unfortunately those systems are well out of reach for most 
companies, who do not have the time, resources, money or know how to do it.


Julian Harper
IT Manager
Jeroboams Group Ltd

On 16 Dec 2014, at 21:38, Austin Macdade <[email protected]> wrote:

In my experience, and in the experience of most security experts I know, this 
is true. In the event of a targeted attack, there are many tools available to 
an attacker that are not leveraged in general in dragnet attacks. General 
attacks being worms, malicious spam and websites, etc. You know, the stuff your 
users get into that patching and policy protect against.

To really protect against targeted attacks, good auditing practices are usually 
recommended. This means knowing what is normal and detecting abnormalities, or at 
least being able to know how far an attacker was able to get, and how. Done 
correctly, this could even be used to detect some social engineering 
attacks.

----- Reply message -----
From: "Lars Nelson" <[email protected]>
To: "Patch Management Mailing List" 
<[email protected]>
Subject: [patchmanagement] Advise for group that is a good resource for this 
kind of matter
Date: Tue, Dec 16, 2014 4:10 PM

Hi Susan.

I know that this is out of context for the PM group but was wondering if you 
had any pointers on where one might go -- a good newsgroup or website -- to dig 
deeper into the matter presented by Roger Grimes in this recent Infoworld post 
regarding the recent Sony break in.

Here is a link to that post on Infoworld.
http://www.infoworld.com/article/2856872/security/how-unusual-was-the-sony-hack-less-so-than-you-think.html?phint=newt%3Dinfoworld_daily&phint=idg_eid%3De74f887744626d3bfdb89e21c1b152ce#tk.IFWNLE_nlt_daily_am_2014-12-09

I like Roger's work and have learned a lot from him, but this posting seems 
somewhat irresponsible.... fear mongering if you will.

Taken at face value, it would seem that there is no defense against data theft. 
If a bad guy wants into your network they will get in -- no matter what -- and 
usually within the hour.  I'm not buying that 100% and so was looking at a good 
source to work with to get to the bottom of exactly what is going on here to 
try to establish the credibility of such an article.

Thanks!

Lars




---
PatchManagement.org is hosted by Shavlik

The content on the email list is intended for assisting administrators.  If you 
would like to use any of this content in a blog or media publication, please 
contact the owners of the list for approval.

To unsubscribe send a blank email to [email protected]
If you are unable to unsubscribe via this email address, please email
[email protected]