[Sussex] User vs Vendor Liability

Steve Dobson steve.dobson at krasnegar.demon.co.uk
Mon Aug 25 13:23:00 UTC 2003


Hi Nik / Geoff / everyone else

On Mon, Aug 25, 2003 at 10:06:16AM +0100, Geoff Teale wrote:
<snip>
>                                       IT departments love things like
> SQL Server and Windows Networking because it's easy to get them up and
> running - what a lot of them don't take account of is that it isn't easy
> to get any of these things correctly (i.e., secure, stable, and fast).  
> Don't even get me started on the fact that a lot of Microsoft security
> advisories require sys-admins to hack the registry (and whoops, here we
> are doing something less user friendly than a trip with vi to /etc land!
<snip>

So the base problem here is that SysAdmins just want an easy life.  Well, to
a point, don't we all?  One of the clients I support recently got hit by the
Sobig virus.  This affected their WiFi network, as the port scanning of
all their infected workstations was interfering with other, unrelated
systems.  The problem was their network design - it was flat (one netmask)
across three buildings!  And with the WiFi network being some 10 times
slower, the port scanning traffic swamped that part of the network.

These problems with their network were identified six months back, and hardware
was ordered.  But the time, and money, to restructure their network was
never found.  Well, they've paid the price now and still they have to
restructure their network.  I wonder how many times they will have to
suffer this kind of outage before they do something.

So, Nik, as someone who goes into clients' sites, do you refuse to do
things the easy way or do you provide the options?

   "There are two ways I can configure your network:
     1). It's quick and cheap but is vulnerable to attack, or
     2). Will take longer but is less vulnerable - it's not
	  completely immune though."

Steve