Barrie Dempster wrote:
I hate to tell you this, but even that wouldn't make a difference to some Deans. I have had profs and Deans complain because we wouldn't allow them to just put a hacked machine back online. They think that somehow, once we've discovered a breach, it automagically goes away (or, more likely, it's not as important as the work that server was doing.)On Sun, 2006-04-23 at 18:45 -0500, Paul Schmehl wrote:Depending upon which Dean you're referring to, this could little to no good at all. The Dean might even think there's nothing wrong with SSNs being exposed.In that case you could cite some *very* recent precedent on the matter: http://www.statesman.com/news/content/news/stories/local/04/24utcomputers.html http://tinyurl.com/h55y6
If you look at my sig you should be able to figure out I'm not at the school cited in that article. (And that's not to say that we're any better than they are or that we'd never be hacked like that.)So was the above your responsibility then Paul ? ;-P
-- Paul Schmehl (pauls@xxxxxxxxxxxx) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/