You know, knowing you've not been compromised and that you know what you're
doing doesn't always equate to arrogance or being overconfident.  And no,
that's not to be construed as saying "I'm the best" or any such thing.
I am just tired of seeing the "if someone wants in, they'll get in".  That
is utter nonsense; I would never trust the qualifications of someone who
believed that (barring (yes) zero-day exploits you had no way of knowing
about--though it's rare you couldn't know in this field--and that you didn't
have it running, configured, or use some other method to minimize or prevent
it from being a problem on your own system).

It's not all about how much willpower a cracker has, after all, and few
have those sorts of skills (very few, about the same odds as the lottery),
and they too still have to find a way in, depending on your platform, how
it's set up and so on.  I don't tend to just install programs and services
and think I'm okay as long as I keep up to date on patches.  They
(crackers) can only use certain methods, and are using the same technology
as you can; you are also in control.  Again, provided you know how and where
to check, use tools that will alert you of any files that have their sums
changed, dates, etc., and monitor the system, you would know if you've been
compromised.
--
Regards,
Tim Greer  [EMAIL PROTECTED]
Server administration, security, programming, consulting.
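The checksum-and-date alerting described above, as an added example that is not part of this thread: a stdlib-only Python baseline/compare integrity check. File names and contents in the demo are constructed for illustration.

```python
"""Baseline-and-compare file integrity check (added example, stdlib only)."""
import hashlib
import json
import os
import tempfile


def snapshot(root):
    """Map each file under root to its SHA-256, size and integer mtime."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            st = os.stat(full)
            state[os.path.relpath(full, root)] = {
                "sha256": h.hexdigest(), "size": st.st_size,
                "mtime": int(st.st_mtime)}
    return state


def compare(baseline, current):
    """Report added, removed and changed paths. Any differing hash, size
    or mtime counts: a rewrite with identical bytes still moves the date."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = sorted(p for p in baseline.keys() & current.keys()
                     if baseline[p] != current[p])
    return {"added": added, "removed": removed, "changed": changed}


def demo():
    """Constructed scenario with made-up file names and contents."""
    root = tempfile.mkdtemp()
    with open(os.path.join(root, "sshd_config"), "w") as f:
        f.write("PermitRootLogin no\n")
    with open(os.path.join(root, "passwd"), "w") as f:
        f.write("root:x:0:0::/root:/bin/sh\n")
    baseline = json.loads(json.dumps(snapshot(root)))  # as if stored on disk
    with open(os.path.join(root, "sshd_config"), "w") as f:
        f.write("PermitRootLogin yes\n")           # contents changed
    os.remove(os.path.join(root, "passwd"))        # file removed
    with open(os.path.join(root, "extra.conf"), "w") as f:
        f.write("unexpected\n")                    # file added
    return compare(baseline, snapshot(root))
```

In practice the baseline would be written to read-only or off-host storage, since a baseline the intruder can rewrite detects nothing.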


----- Original Message -----
From: "Meritt James" <[EMAIL PROTECTED]>
To: "Tim Greer" <[EMAIL PROTECTED]>
Cc: "Erik !" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, July 08, 2003 8:56 AM
Subject: Re: Ten least secure programs


> I would not express the confidence that you just did.
>
> Tim Greer wrote:
> >
> > No, it's never happened.  This is definitely a possibility for many
> > instances, but if you know how and where to check, use tools to alert
> > you if anything has changed, and have the experience, you'd know.  Anyway,
> > that's not the case, and it's not exactly a rare thing to not have been
> > compromised, as if it's inevitable.  Provided you don't get hit with any
> > zero-day exploits that you couldn't have prevented by what you run,
> > filter or how it's configured, or just don't use software/services that
> > are vulnerable to them--or you just aren't targeted, it's not really
> > unreasonable to hear.
> > --
> > Regards,
> > Tim Greer  [EMAIL PROTECTED]
> > Server administration, security, programming, consulting.
> >
> > ----- Original Message -----
> > From: "Meritt James" <[EMAIL PROTECTED]>
> > To: "Erik !" <[EMAIL PROTECTED]>
> > Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
> > <[EMAIL PROTECTED]>
> > Sent: Tuesday, July 08, 2003 6:45 AM
> > Subject: Re: Ten least secure programs
> >
> > > Recommended modification: "Do not know ever been hacked."  You very
> > > well may have been but do not know that you have been.  Only the inept
> > > get caught.
> > >
> > > Jim
> > >
> > > "Erik !" wrote:
> > > >
> > > > Tim,
> > > > 1. I'm glad you have never been hacked ...  8)
> > > >
> > > > 2. ever hear of:
> > > >
> > > > a. social engineering, and
> > > > b. zero-day exploits
> > > >
> > > > ?
> > > >
> > > > 3. *... I'll find a new line of work*
> > > >
> > > > WHEN that time comes, I hear barbers enjoy nice long relaxing
> > > > careers.
> > > >
> > > > erik
> > > >
> > > > ----Original Message Follows----
> > > > From: "Tim Greer" <[EMAIL PROTECTED]>
> > > > To: "Erik !" <[EMAIL PROTECTED]>,<[EMAIL PROTECTED]>,<[EMAIL PROTECTED]yfocus.com>
> > > > Subject: Re: Ten least secure programs
> > > > Date: Thu, 3 Jul 2003 14:44:01 -0700
> > > >
> > > > Please, I never bought the "if someone wants in, they will get in"
> > > > line.  :-)
> > > > There's not enough conditionals to that claim.  There's not just
> > > > inevitably a way in, no matter what, and that a sysadmin can't do
> > > > anything about it, as if that's "just the way it is".  If you believe
> > > > otherwise, I'll set up a system and you can manage to "just get in"
> > > > and I'll find a new line of work.
> > > > --
> > > > Regards,
> > > > Tim Greer  [EMAIL PROTECTED]
> > > > Server administration, security, programming, consulting.
> > > >
> > > > ----- Original Message -----
> > > > From: "Erik !" <[EMAIL PROTECTED]>
> > > > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
> > > > Sent: Wednesday, July 02, 2003 3:20 PM
> > > > Subject: Re: Ten least secure programs
> > > >
> > > >  > Here's what the experts use (for starters - bigger cos. develop
> > > >  > their own list, based upon their own internal consensus).
> > > >  >
> > > >  > http://www.sans.org/top20/
> > > >  >
> > > >  > this is broken out by windows and unix centric apps/services.
> > > >  >
> > > >  > It really pegs the most common apps/services that sysadmins
> > > >  > overlook and hence end up causing the most problems.
> > > >  >
> > > >  > A determined hacker could get into most any network, it gets back
> > > >  > to the old adage:
> > > >  >
> > > >  > You are going to be hacked at some point, it's just a matter of
> > > >  > how soon you want that to happen.
> > > >  >
> > > >  > Balance your LAN security against your business needs.
> > > >  > Erik
> > > >  >
> > > >  >
> > > >  > ----Original Message Follows----
> > > >  > From: Ansgar Wiechers <[EMAIL PROTECTED]>
> > > >  > To: [EMAIL PROTECTED]
> > > >  > Subject: Re: Ten least secure programs
> > > >  > Date: Tue, 1 Jul 2003 10:52:23 +0200
> > > >  >
> > > >  > I'm not sure if this discussion will be productive in any way,
> > > >  > since you seem to concentrate too much on the software and ignore
> > > >  > layer 8, which is (IMHO) the major problem. But anyway, here you go:
> > > >  >
> > > >  > On 2003-06-28 Chris Berry wrote:
> > > >  >  > I'm putting together a list of what seem to be the ten least
> > > >  >  > secure computer items in use today with the idea of having a set
> > > >  >  > of things to recommend AGAINST people using, probably to be
> > > >  >  > posted on the IT room door with a note like "NO, you cannot use
> > > >  >  > the following!!".  Here is what I have so far, I'm looking for
> > > >  >  > additions and comments.  The list is in order with the worst
> > > >  >  > offender being number one.  These should be products whose
> > > >  >  > inherent design is flawed, not that are just difficult to
> > > >  >  > secure.  I expect vigorous discussion. *putting on flame
> > > >  >  > retardant garments*  Oh, and leave Operating systems out of this
> > > >  >  > one.
> > > >  >
> > > >  > I'm not sure if this discussion will be productive in any way,
> > > >  > since you seem to concentrate too much on the software and ignore
> > > >  > layer 8, which is (IMHO) the major problem. But anyway, here we go:
> > > >  >
> > > >  >  > 1) Microsoft Outlook
> > > >  >
> > > >  > I beg to differ on this one. Outlook is a groupware client and is
> > > >  > therefore *designed* to be insecure. It's a behaviour I would
> > > >  > expect from a groupware client. Of course one should *not* use
> > > >  > Outlook as an internet mail client (at least not without taking
> > > >  > further precautions).
> > > >  > Also I would like to mention that AFAIR all vulnerabilities in
> > > >  > Outlook are vulnerabilities of the Internet Explorer (which I
> > > >  > suggest to put on this list instead).
> > > >  >
> > > >  >  > 2) Telnet
> > > >  >  > 3) Sendmail
> > > >  >  > 4) IIS Server
> > > >  >  > 5) Wireless networking
> > > >  >  > 6) PHP
> > > >  >  > 7) ?
> > > >  >  > 8) ?
> > > >  >  > 9) ?
> > > >  >  > 10) ?
> > > >  >
> > > >  > You might want to add FTP in general and BIND (at least earlier
> > > >  > than version 9) here.
> > > >  >
> > > >  > Regards
> > > >  > Ansgar Wiechers
> > > --
> > > James W. Meritt CISSP, CISA
> > > Booz | Allen | Hamilton
> > > phone: (410) 684-6566
>
> --
> James W. Meritt CISSP, CISA
> Booz | Allen | Hamilton
> phone: (410) 684-6566


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------