On 06/13/2013 01:03 PM, Brandon Allbery wrote:
> On Thu, Jun 13, 2013 at 5:39 PM, Harvey Rothenberg
> <forensic2...@yahoo.com> wrote:
>
> > TechTarget's WhatIs (dot) com defines a worm as a
> > self-replicating code that does not alter files but resides in
> > active memory and duplicates itself. It is common for worms to be
> > noticed ONLY when their uncontrolled replication consumes system
> > resources, slowing or halting other tasks.
>
> That ship has sailed. Like it or not, the average user --- and the
> average compliance auditor --- does not distinguish between clades of
> malware.

I'm a slow learner at times. For years I've been arguing with our
compliance auditor about various aspects, and then finding out it gets
me nowhere. I still end up having to do stupid pointless checks all
over the place just to meet a tick box, and I'm never going to persuade
them otherwise.
When we interview sysadmin candidates one thing we tend to ask is "What
aspect of a sysadmin job don't you like?" For me it's become PCI-DSS /
Security compliance, without question. I 'waste' at the very least a
day, but more typically two, researching and confirming that 99% of the
vulnerabilities reported for our infrastructure are false positives, and
I have to do this every 3 months or so.
Like it or lump it, our job is to somehow wrangle a cohesive and complete
security infrastructure that incorporates that checklist, even if all it
does is marginalise the harm caused by that checklist.
Paul
_______________________________________________
Discuss mailing list
Discuss@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/