[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Cracking attempt


On Mon, Feb 24, 2003 at 06:08:43AM -0700, Tim Spriggs wrote:

> On Mon, 24 Feb 2003, Russell Coker wrote:
> > BTW  As a rule of thumb, if you can crash it then you can probably
> > exploit it, I hope that server isn't running as root.
> I realize that too. Unfortunately, Universities (at least around here)
> tend to be VERY political and getting something like linux as a main
> college server in place would be "making waves" with the type of
> people that run the money upstairs. 

Just rest assured that a non-firewalled box containing backups will make
a /lot/ more waves upstairs when (sic!) it gets cracked.

You don't need to push Linux, you just need to explain the current
risks, their cost and what it costs to implement a solution (be it
Debian or Windows-95 based, ultimately they won't care), and the risks
associated with that.

Even the people upstairs have their gut feelings or prejudices about
things they don't understand -- and we all know how hard that can make
things -- they do tend to be sensitive to talks that mention well
founded estimates of risks and costs.



E-Advies / Emile van Bergen   |   emile@e-advies.info
tel. +31 (0)70 3906153        |   http://www.e-advies.info

Attachment: pgpkMM6vXW4Ok.pgp
Description: PGP signature

Reply to: