Home page logo
/

firewall-wizards logo Firewall Wizards mailing list archives

Re: RE: In defense of non standard ports
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Fri, 27 Jan 2006 17:06:35 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 24 Jan 2006, Paul D. Robertson wrote:

On Tue, 24 Jan 2006, Tim Shea wrote:

I've been monitoring this discussion and I have issues with two
assumptions being made.  The first is that all organizations have security
professionals with some pull with management.  Politics plays a big part

Trust me, if your organization has security professionals, then they have
pull with management.



I had to stop here, for the term "security professionals" is a hard one to define, does this imply certified persons? Also, working for a state gov, I can state plainly, security professionals/certified persons means little where I ern a paycheck, as they tend to have certs indeed, and yet lack a skill tween the whole group of 10 or so, in fact we could hire monkeys to accomplish the same "scan reports" that are the height of their abilities.

Now to the end of the statement, do they have pull with mgt? Well, they are pulling in a far different diredtion the more they tend to ruffle whole departments by crying wolf <sorry, no that trojan port your nessus scan spotteed means less this month then it did last month you spewed it up the mgt hill on our RACF mainframe, or sorry no your nessus skills are not truely honed if you think pcanywhere is running on that solaris box>.

We have more personell that do not work with ISO with a clue towards security in their prospective realm/OS/platform or on a whole then any of the certified monkeys that ISO has hired to "secure" this state, and the more pull with mgt thet have means the worse things get with each new project rolled out...


Thanks,

Ron DuFresne
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

...We waste time looking for the perfect lover
instead of creating the perfect love.

                -Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFD2pltst+vzJSwZikRAvDnAJ9u9wdqBD/ZCEOUJOnu2wh857TJUQCfdwGn
3Mz2Vglj3sYkq16kW6Pzz4E=
=nyeE
-----END PGP SIGNATURE-----
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]