Saw this on Slashdot, and thought it might be worth some thought...
http://www.aldotwaste.com/
The short version is that after being frustrated for a while, the person
in question Trojaned his boss's machine, and gathered screenshots over a 7
month period that show 70% of the time, his boss was playing solitaire,
and 20% of the time, checking his stocks. The whistle-blower was removed
from his position, though he claims policy gave him the right to monitor
and document abuses.
Some of the knee-jerk reaction from the organization looks to be "there
was IDS and it was showing hacking and obviously this got us hacked!"
balanced by an independent report that says they were up to their ears in
false positives and didn't have AV updates working.
Thoughts? Comments? Updates from our favorite copying place?
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul_at_compuwar.net which may have no basis whatsoever in fact."
probertson_at_trusecure.com Director of Risk Assessment TruSecure Corporation
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Aug 01 2004
Intro
