SCIENTIFIC-LINUX-USERS Archives

March 2017

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Date: Fri, 31 Mar 2017 19:10:22 -0700
On 2017-03-31 18:09, Konstantin Olchanski wrote:
>>
>> anybody who did [this] [should] be fired upon its discovery, not "let go" or
>> "laid off" but really "fired for cause".
>>
>
> I am not sure I like this crazy talk about IT departments becoming judge, jury
> and executioner and about firing people left and right for violating some
> arbitrarily made up rules. ("your password is only 28 characters long, you are fired!").
>
> My dislike no matter, in practice, all this KGB stuff comes to nothing when you try
> to fire a Nobel-prize-winning professor or when you discover that the boss
> of your boss is reading playboy instead of nytimes.

That's why I pictured IT plus other corporate authorities. When you compromise 
security on a company's network you give away the keys to the corporate kingdom. 
That can, has, and should lead to a firing. Having a password that doesn't meet 
spec is a whole different ballgame. And using your CDROM drive as a coffee cup 
holder is something else again. Using your USB ports to plug in random dongles 
you picked up on the street is a potential serious compromise to the corporate 
systems. But, it's up to the IT department to fill them with epoxy, chewing gum, 
or whatever else they want. For that matter password parameters are up to the IT 
department to enforce by not allowing entry of a bad password or providing more 
secure alternate means.

The WiFi node the person wanted to install on a company computer on company 
property simply creates a wide open hole into the network. If that's OK what is 
all this bother with SELinux, firewalls, and other security tools that 
supposedly Linux doesn't really need because well it's magic. (Yes, a Linux 
machine with a user connected to the keyboard and mouse rather than an IT drone 
is going to pick up malware. Recent exploits suggest this can be serious. In 
that case AV helps if you're not among the very first exposed to it.) I 
personally believe companies should have a published policy (hah - PUBLISHED you 
say? Our policies are secret.... - been there, too) declaring that such a WiFi 
tap on their network is a firing offense leading to immediate dismissal unless 
you have a REALLY REALLY good story. On the other paw, if the company isn't 
worth preserving in the minds of its owners and management, then go ahead and 
put in the WiFi tap. Have the grace to feel guilty if it does hasten the 
company's demise, though.

{o.o}   Fortunately I am exposed to VERY weak hacking attempts locally. I live 
uncomfortably dangerously and monitor security logs religiously. If I owned a 
company with me as an IT manager I'd be fired long ago. OTOH - only one 
penetration by malware since 1985 on open networks isn't altogether bad for a 
novice, even if she is paranoid. (They really are out to get me; but, there is 
nothing personal about it. You'll do just as well as me as a victim.) {^_-} And 
methinks me has said enough. IT should have published policies that employees 
are kept aware of. THEN things like an open WiFi (aka any WiFi) router covertly 
installed by an employee can lead to immediate dismissal.
