Comments on Carnal0wnage & Attack Research Blog: Lets Get Real

Be frank, from IT perspective, they would like to ...

2011-11-24T23:44:28.932-05:00

Be frank, from IT perspective, they would like to keep systems and network "running' and "available" but not about confidentiality and integrity at the first sight.

Unless there is a nationwide security guideline and standard the company should fulfill and comply with, otherwise, they will suffer a severe financial and legal risk if outbreaks are reported, otherwise, they will keep themselves loose indeed.

We keep our work rolling but it readily takes time.

Must agree with what is said. Sadely. Companies wo...

2011-11-21T07:51:57.094-05:00

Must agree with what is said. Sadely.
Companies wont act until 'something has happened', and when there is something, the tip of the iceberg, everyone is happy to down play it. The fundamental flaw is not only money related, but, as often, is also due to a lack of commitment and concern of the management (and staff) as well as a lack of competency in the mot fundamental system and network administration tasks.

The trues is that I am the admin of swiss cheese full of holes.

Welcome to the desert of the real.

2011-11-14T16:15:03.732-05:00

Welcome to the desert of the real.

I have two clients that make me laugh with their t...

2011-11-10T13:46:45.591-05:00

I have two clients that make me laugh with their tech choices.

Client A: Approx 45k hosts. User facing is all win 2000. Back is a combination of win svr 2k and 2k3.

Client B: 25k hosts. combo win2k and vista for end users. Backend is NT4

Its a joke on getting anything done. Firewall rule change to common sense setting? 12 weeks. 3 committees. and a prayer.