In a near future, the IT security in Germany will become a great hole, since the IT security professionals will be forbid to do their work.
In my opinion, as sysadmin, this is definitely not the way to solve security issues.
I know the German government is doing this because that problem with Latvia (The whole country became offline 'cause a DDoS attack), but this is NOT the solution, these crackers will not stop their "job", but if the Gov forbids the IT security staff to do their work, then the attacks will tend to grow!
Ok, now let us talk about the solutions:
1. The German government should think about ways of education the youth IT security enthusiasts for the ethical hacking.
2. They should, despite forbidding "hacker tools", think about giving better training for the government security staff.
90% of it's attacks are successful 'cause there are negligent sysadmins maintaining these systems.
The security patches are online for downloading, they could just update their boxes, but they DON'T DO IT!
Good security policies, training and responsability by it's sysadmins would definitely solve the security problems.
In my opinion, as sysadmin, this is definitely not the way to solve security issues.
I know the German government is doing this because that problem with Latvia (The whole country became offline 'cause a DDoS attack), but this is NOT the solution, these crackers will not stop their "job", but if the Gov forbids the IT security staff to do their work, then the attacks will tend to grow!
Ok, now let us talk about the solutions:
1. The German government should think about ways of education the youth IT security enthusiasts for the ethical hacking.
2. They should, despite forbidding "hacker tools", think about giving better training for the government security staff.
90% of it's attacks are successful 'cause there are negligent sysadmins maintaining these systems.
The security patches are online for downloading, they could just update their boxes, but they DON'T DO IT!
Good security policies, training and responsability by it's sysadmins would definitely solve the security problems.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/567/2144#2144