I think educated users are even more dangerous because they think they have
it all cover, the admin being the worse ones...
I don't trust users, I don't trust AV (I run 4 different one from different
companies), I don't trust firewall (I run 2 from different companies), I
don't trust IDS (I run 2 from you guess what) and over all, I certaintly
don't trust myself... There is so much to learn that the more I learn, the
less I know.
Good week-end all and good sleep, it could be the last for some days... :o)
-----Message d'origine-----
De : Aaron Lewis [mailto:aaron (at) adldatacomm (dot) net [email concealed]]
Envoyé : 13 août, 2004 11:28
À : focus-ms (at) securityfocus (dot) com [email concealed]
Cc : macleonard (at) softhome (dot) net [email concealed]
Objet : RE: most avtive attack type
Agreed. I would say most email viruses / worms enter a system due to a user
who is so curious they have to open it. Educating the users and having them
understand the problem and the solutions is very key in maintaining a sound
environment. Blocking some outgoing traffic of well known threats at the
border device can help too.
I know Admins at the local government level who don't run AV or patch their
systems because they have a firewall and they think nothing can get to them.
The worst part is the Admin doesn't know anything about networking and the
firewall setup was outsourced and hasn't been touched since install.
Yes I said government
ADL
-----Original Message-----
From: MacLeonard Starkey [mailto:macleonard (at) softhome (dot) net [email concealed]]
Sent: Thursday, August 12, 2004 3:49 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: most avtive attack type
Much of what I am currently seeing are email based vectors,
as such, they rely either on holes in the client software which allows
immediate execution of attachments, or the human factor.
Make sure you educate your users, or all the firewalling and patching in the
world won't help you
regards,
Macca
first last wrote:
> Hello everyone,
>
> I was wondering what the most common type of attack to expect to get
> hit with over a network is. I will be protecting a MS based network.
>
>
> The other thing i was thinking is in this senerao what type of attacks
> should you be watching out for?
>
> senerao: Small TCP/IP network (sub 6 pcs) All have the latest MS
> client or server OSes fully patched. IPSec running as a firewall, all
> trafic monitered/logged, services configured (and disabled) 1
> Software router, 1 Hardware router (firewall running on each) im
> thinking thats about it.
>
> Thanks for the help it is greatly apricated
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's
> FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
>
> ----------------------------------------------------------------------
> ----
-
> ----------------------------------------------------------------------
> ----
-
>
>
I think educated users are even more dangerous because they think they have
it all cover, the admin being the worse ones...
I don't trust users, I don't trust AV (I run 4 different one from different
companies), I don't trust firewall (I run 2 from different companies), I
don't trust IDS (I run 2 from you guess what) and over all, I certaintly
don't trust myself... There is so much to learn that the more I learn, the
less I know.
Good week-end all and good sleep, it could be the last for some days... :o)
-----Message d'origine-----
De : Aaron Lewis [mailto:aaron (at) adldatacomm (dot) net [email concealed]]
Envoyé : 13 août, 2004 11:28
À : focus-ms (at) securityfocus (dot) com [email concealed]
Cc : macleonard (at) softhome (dot) net [email concealed]
Objet : RE: most avtive attack type
Agreed. I would say most email viruses / worms enter a system due to a user
who is so curious they have to open it. Educating the users and having them
understand the problem and the solutions is very key in maintaining a sound
environment. Blocking some outgoing traffic of well known threats at the
border device can help too.
I know Admins at the local government level who don't run AV or patch their
systems because they have a firewall and they think nothing can get to them.
The worst part is the Admin doesn't know anything about networking and the
firewall setup was outsourced and hasn't been touched since install.
Yes I said government
ADL
-----Original Message-----
From: MacLeonard Starkey [mailto:macleonard (at) softhome (dot) net [email concealed]]
Sent: Thursday, August 12, 2004 3:49 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: Re: most avtive attack type
Much of what I am currently seeing are email based vectors,
as such, they rely either on holes in the client software which allows
immediate execution of attachments, or the human factor.
Make sure you educate your users, or all the firewalling and patching in the
world won't help you
regards,
Macca
first last wrote:
> Hello everyone,
>
> I was wondering what the most common type of attack to expect to get
> hit with over a network is. I will be protecting a MS based network.
>
>
> The other thing i was thinking is in this senerao what type of attacks
> should you be watching out for?
>
> senerao: Small TCP/IP network (sub 6 pcs) All have the latest MS
> client or server OSes fully patched. IPSec running as a firewall, all
> trafic monitered/logged, services configured (and disabled) 1
> Software router, 1 Hardware router (firewall running on each) im
> thinking thats about it.
>
> Thanks for the help it is greatly apricated
>
> _________________________________________________________________
> Express yourself instantly with MSN Messenger! Download today - it's
> FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>
>
> ----------------------------------------------------------------------
> ----
-
> ----------------------------------------------------------------------
> ----
-
>
>
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]