Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Disaster Recovery
From: "Rietveld, Peter" <priet () CENTENNIUM NL>
Date: Wed, 15 Nov 2000 00:36:53 +0100

I agree, it appears that we just don't have enough disasters. I noticed how
a major european bank recently moved their critical systems to the top floor
of the building. It is near a major airport, not too far from where an El Al
jumbo crashed a few years ago. The previous location was bomb proof, now a
single mortar shell will do the trick. I guess the end of the cold war meant
the end to traditional disaster preparations, which were often related to
the threat of terrorism or the possibility of actual war. And when I think
of it, this it not so very strange thinking, why blow up a building if
crashing a few routers has the same effect. I think the threats actually
have changed.

In the good old days of mainframes it was also a lot easier than it is now,
how do you protect a networked data infrastructure? All that valuable data
that is sitting on PC's which aren't backed up anyway? The answer is
probably that it is too complicated a task, so we just will not think about
it. There just are no simple answers to this problem. Although some managers
consider off site data storage a sort of solution. It is easier just to
concentrate on problems we can solve.

Since it is off the hot topic lists, a list serve will not generate enough
attention. I have never seen one, allthough it is the line of my work to
monitor all the security related lists. If anyone finds one, let me know.




Does anyone know of a list serve that specializes in discussions related
Disaster Recovery of mainframe/client-server systems. Seems like when we
think of IT security, disaster recovery is just not the current hot topic.
However, with the rapid deployment of national computer applications that
integrate with multiple data centers,  extranets, ISP's, VPN's, etc..how
you plan for disaster recovery??  To me, this is just as big of a computer
security risk, as someone breaking into your computer systems. Has it
to complex?  Are we just playing down the issue?  In the old days with
mainframe computers it was pretty straight forward..however

In my current job, I am a firewall administrator and also head up a team
the deployment of intrusion detection and penetration security tools.  I
still baffled that no one in IT seems to care much about disaster
Maybe, I am just not hanging out with the right types of IT folks.
I have worked for a number of companies and disaster recovery, just does
seem to be an important issue when you think about computer security.

Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]