I figured poor timing was your regular duty.
-lc

>________________________________
> From: William Robbins <dangerw...@gmail.com>
>To: ntsysadm@lists.myitforum.com
>Sent: Tuesday, August 6, 2013 2:18 PM
>Subject: Re: [NTSysADM] man-in-the-middle attack
>
>Apparently my attempt at humor was poorly timed. (again) My apologies.
>Carry on with your regular duties.
>
> - WJR
>
>On Tue, Aug 6, 2013 at 1:31 PM, William Robbins <dangerw...@gmail.com> wrote:
>
>Hey Lora,
>>
>>I have a side bet going that you can help me with if you please. Are you
>>really -sc?
>>
>> - WJR
>>
>>On Tue, Aug 6, 2013 at 11:10 AM, Lora Cates <lora.ca...@rocketmail.com> wrote:
>>
>>I find it interesting that there are several folks, myself included, that
>>fail to see your point, yet when pressed for details on specific points you
>>reply with the deeply insightful "Whatev." and now declare the conversation
>>ended so you are taking your ball and going home.
>>>
>>>Are you just unwilling to explain yourself, or unable?
>>>
>>>-lc
>>>
>>>> From: listsad...@lists.myitforum.com
>>>> [mailto:listsad...@lists.myitforum.com]
>>>> On Behalf Of Micheal Espinola Jr
>>>> Sent: Monday, August 5, 2013 8:35 PM
>>>> To: ntsysadm@lists.myitforum.com
>>>> Subject: Re: [NTSysADM] man-in-the-middle attack
>>>>
>>>> I guess you either see my specific point or you don't. I stated it, and
>>>> I'm not one to engage in arguments where I just repeat myself because
>>>> people are choosing to ignore, overlook, or simply disregard my point.
>>>> If you don't agree, don't, and move on. If you don't know what my
>>>> "specifics" were, then I don't know what to tell you - other than, I
>>>> guess reread the emails.
>>>>
>>>> In any event, I'm no longer interested in this topic of conversation,
>>>> since it stopped actually being one many replies back.
>>>>
>>>> --
>>>> Espi
>>>>
>>>> On Mon, Aug 5, 2013 at 5:16 PM, Ken Schaefer <k...@kj.net.au> wrote:
>>>>
>>>> What are the characteristics of the “specifics” you’re referring to that
>>>> make a general analysis not applicable?
>>>>
>>>> I think this is the crux of the issue taken with your original post.
>>>>
>>>> Cheers
>>>>
>>>> Ken
>>>>
>>>> From: listsad...@lists.myitforum.com
>>>> [mailto:listsad...@lists.myitforum.com]
>>>> On Behalf Of Micheal Espinola Jr
>>>> Sent: Saturday, 3 August 2013 5:00 AM
>>>> To: ntsysadm@lists.myitforum.com
>>>> Subject: Re: [NTSysADM] man-in-the-middle attack
>>>>
>>>> You're continuing to generalize, ignoring the specifics I was referring to.
>>>>
>>>> --
>>>> Espi
>>>>
>>>> On Fri, Aug 2, 2013 at 11:23 AM, Steven M. Caesare <scaes...@caesare.com>
>>>> wrote:
>>>>
>>>> Substitute any risk you want in any circumstance you want.
>>>>
>>>> As long as the odds are > 0 then you have to consider mitigating that
>>>> risk… it then becomes a matter of cost to do so, the value proposition
>>>> of which depends on the potential damage from the event occurring.
>>>>
>>>> How unlikely does an event have to be in order to spend $X on it?
>>>>
>>>> -sc
>>>>
>>>> From: listsad...@lists.myitforum.com
>>>> [mailto:listsad...@lists.myitforum.com]
>>>> On Behalf Of Micheal Espinola Jr
>>>> Sent: Friday, August 2, 2013 11:40 AM
>>>> To: ntsysadm@lists.myitforum.com
>>>> Subject: Re: [NTSysADM] man-in-the-middle attack
>>>>
>>>> Again, apples/oranges. I'm speaking of specific circumstance, and I'm not
>>>> about to include natural disasters in the debate. You can either choose to
>>>> see what I'm saying for what I'm saying, or don't. I'm not generalizing.
>>>> I'm speaking of data loss to remote access intrusion.
>>>>
>>>> --
>>>> Espi
>>>>
>>>> On Fri, Aug 2, 2013 at 6:53 AM, Steven M. Caesare <scaes...@caesare.com>
>>>> wrote:
>>>>
>>>>> The odds don't matter if the risk will result in catastrophic loss to the
>>>>> business.
>>>>
>>>> Sure they do.
>>>>
>>>> A meteor that wipes out your facility in North America can be mitigated by
>>>> having a completely redundant $50bil factory in Europe.
>>>>
>>>> Are you recommending that?
>>>>
>>>> -sc
>>>>
>>>> From: listsad...@lists.myitforum.com
>>>> [mailto:listsad...@lists.myitforum.com]
>>>> On Behalf Of Micheal Espinola Jr
>>>> Sent: Wednesday, July 31, 2013 7:55 PM
>>>> To: ntsysadm@lists.myitforum.com
>>>> Subject: Re: [NTSysADM] man-in-the-middle attack
>>>>
>>>> IMO, it's a matter of recreational gambling vs. professional (done for a
>>>> living) gambling[1]. You know the odds, or you don't - doesn't matter.
>>>> What matters is if you can continue to profit from the risk. Will the risk
>>>> hurt the continuity of business operations in terms of revenue loss. The
>>>> extreme example of this is Russian roulette.
>>>>
>>>> The resulting exposed data in a MitM scenario is unique and has substantial
>>>> potential. What is important to monetize here is the loss resulting from a
>>>> MitM attack at all levels of remote access for the organization.
>>>>
>>>> The odds don't matter if the risk will result in catastrophic loss to the
>>>> business. As someone that has discovered corporate espionage intrusions,
>>>> and systematically prevented the loss of future business deals worth
>>>> millions of dollars (whose loss would have otherwise collapsed the
>>>> business) - I have a specific view of this issue.
>>>> The only additional info on this that I will provide is that the
>>>> intrusion allowed a bidding competitor access to corporate communications
>>>> as well as business plans and bidding documents. My discoveries led to
>>>> the prevention of a competitor from staying one step ahead of us in
>>>> business planning and bidding, and eventual Federal prosecution of the
>>>> intruder.
>>>>
>>>> 1. I'm not a gambler, but I have known professional gamblers.
>>>>
>>>> --
>>>> Espi
>>>>
>>>> On Wed, Jul 31, 2013 at 4:05 PM, Ken Schaefer <k...@kj.net.au> wrote:
>>>>
>>>>> In any event, the odds are irrelevant - the issue is the business risk of
>>>>> intrusion/loss.
>>>>
>>>> How can you say that “odds are irrelevant” if the issue is business risk?
>>>>
>>>> Risk is “potential for loss”, and potential includes a weighting for
>>>> likelihood (i.e. “the odds”)?
>>>>
>>>> Can you clarify what you mean?
>>>>
>>>> Cheers
>>>>
>>>> Ken
>>>>
>>>> From: listsad...@lists.myitforum.com
>>>> [mailto:listsad...@lists.myitforum.com]
>>>> On Behalf Of Micheal Espinola Jr
>>>> Sent: Thursday, 1 August 2013 1:43 AM
>>>> To: ntsysadm@lists.myitforum.com
>>>> Subject: Re: [NTSysADM] man-in-the-middle attack
>>>>
>>>> Odds would be very difficult to extrapolate with any legitimate accuracy,
>>>> as you need to know and control the possible environments and habits of
>>>> your remote employees. In any event, the odds are irrelevant - the issue
>>>> is the business risk of intrusion/loss.
>>>>
>>>> --
>>>> Espi
>>>>
>>>> On Wed, Jul 31, 2013 at 8:07 AM, David Lum <david....@nwea.org> wrote:
>>>>
>>>> I need to present management with the odds of this actually getting
>>>> exploited, as I’d want to force TLS 1.2 for ADFS but that takes Chrome and
>>>> more importantly Safari (iOS devices) out of the mix, so I suspect
>>>> management might say “we want compatibility instead of protection from some
>>>> obscure attack that is unlikely to happen.”
>>>>
>>>> In short, what are the odds of a MITM attack actually happening between my
>>>> remote employee and our ADFS server?
>>>>
>>>> David Lum
>>>> Sr. Systems Engineer // NWEA™
>>>> Office 503.548.5229 // Cell (voice/text) 503.267.9764