On Tue, 10 Jun 2003, Steve Thomas wrote:

> On Tue, Jun 10, 2003 at 03:37:12PM -0400, Shayne Lebrun is rumored to have said:
> >
> > > The *only* way to pull that off is to totally ignore security updates
> > > (and the subsequent reboot). No thanks. :)
> >
> > Yes, and for an internal machine, properly firewalled and segmented from the
> > public internet, this is a perfectly acceptable practice.
> >
>
> Except when you consider that about 50% of hacking incidents are
> "internal"(1), perpetrated by either current or former employees. Add
> that to the potential for damage when one of your users opens a
> nimda-infected e-mail and you'll quickly find out just why you need to
> be every bit as security conscious on the LAN as at the edge.

That would be 50% of the more damaging and costly hacking incidents come from the inside. Far and away the majority of the hacking incidents come from the outside, regardless of what all the books say. I can think of a mere handful of inside hacking attempts whereas I could list a couple dozen attempts by a worm from the outside on one machine in the last hour.

The outside includes all the worms and script kiddies which account for the vast majority of the hacking incidents. Of course these tend to cost you very little since they aren't typically a professional hacking job. They are more of an annoyance and can easily be thwarted with a competent admin that keeps up with his security updates.

It's the inside jobs that are the kickers. Those are the serious threat.

It's all fun. :)

Justin

_______________________________________________
Spamassassin-talk mailing list
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk