[lug] Firewall != Linux, Was -> Broadband

Nate Duehr nate at natetech.com
Wed Aug 2 11:31:07 MDT 2000


On Tue, Aug 01, 2000 at 09:20:56PM +0200, rm at mamma.varadinet.de wrote:

> will make a site secure. Most incidents i have heard of recently
> where caused by malicious code executed on a client from within
> the private net--something even the best firewall can't stop.

Hey Ralf, funny story you reminded me of.  One of our engineers built a
little script to mail end-of-month information to various people
throughout the company... forgot to check both the date and TIME in the
script.  Deployed it nationwide (hello?  release process???) and
40,000 mail messages later, the NT virus scanner croaked.  Heh heh...

The power of Perl!

So there's no stopping someone from doing something stupid... no matter
WHAT technology you put in place.  This goes back to my comments about
POLICY a few minutes ago... If there'd been some teeth in the release
process, "Hey, don't upload that to production all over the place, why
don't you just try that in Denver only this month... Phased rollout, ya
know man?", it wouldn't have happened.  Or then again, maybe it would
have.

(And yes, I know 40,000 is low volume for some places....)  GRIN

-- 
Nate Duehr <nate at natetech.com>

GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
Public Key available upon request, or at wwwkeys.pgp.net and others.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20000802/2dc83b30/attachment.pgp>


More information about the LUG mailing list