[Moderator: Going to wrap up this installment with two more posts about ICSA. Please take it off list after that (and CC me in :)]

Reply From: Brian Macke <macket_private>

> >Can anyone verify this story? It sounds all too hokey to be true. The BIND
> >vulnerability was one of those annoying hacks that didn't see first light
> >on BUGTRAQ, or even USENET. It was my understanding that CERT got first
> >word from people who got hit, and was without verifiable source to begin
> >with. Their notifications were quite humourous for their lack of
> >concrete evidence of WHAT was happening.
>
> I'll verify it, but I don't guess you'll look at me as objective, and
> that's OK, I'm not. Don't believe it if you don't want to. That works for
> me just fine 8-)

You're right, I won't consider you objective - no one truly ever is. But if you have proof, I'll listen. I'm seriously not prejudicial towards ICSA, I just am extremely skeptical of what they put out as doctrine. I think I'm rather justified in my skepticism when two ICSA certified 'firewalls' have proven to me to be worse than a direct connection or homebrew 'firewall'. (Those are PIX and WatchGuard, BTW. I still stand by my statement that I wouldn't put a WG box on my network, much less use it as a monitor stand. I actually tried using it as a monitor stand this last week - the thing sags in the middle under the weight.)

> >Before or after they front the $20,000 blood money for ICSA?

(That was a jab at firewall certification... I think you missed it. I agree it was kind of subtle.)

> >Love the Scooby Doo ending. Wish all Security incidents ended with a
> >punchline.
>
> We're so glad you enjoyed it.

It was more of an indictment of journalists covering these kinds of stories (unless the crew at ICSA thought this one up... it doesn't sound like it, though).

When you write a technical article in a non-technical circular (hackers in Forbes, for example), you need a 'Scooby-Doo' punchline to make the reader feel good about what they just read... something they can relate to. While that's all well and good for Mr. Joe Banker in Northampton, Mass., it's ingratiating to those in the field. It's very difficult to describe my job to 'normal folks', and it gets even more so when people read articles like this with happy endings. Real security is gritty, ugly, and painful - surrounded by people that want to make my company a trophy, and managers that don't think it's that big of a deal. I'm not alone in this - most everyone I rub elbows with in the field agrees. So label me bitter if you'd like, it won't be the first time.

> Regards,
>
> Dave Kennedy CISSP
> International Computer Security Assoc http://www.ncsa.com
> Protect what you connect.
> Look both ways before crossing the Net.

-Brian James Macke macket_private
Unix SysAdmin/Security Specialist
Telegroup, Inc.
"In order to get that which you wish for, you must first get that which builds it." -- Unknown

-o-
Subscribe: mail majordomot_private with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:58:02 PDT