[Techtalk] hacked on solaris
Kai MacTane
kmactane at GothPunk.com
Sun Aug 25 14:30:45 EST 2002
At 8/25/02 12:53 PM , caitlynmaire at earthlink.net wrote:
>Be glad it's only one system. I had 17 SGI and Sun
>boxes to worry about after a hack year before last because the previous
>admin hadn't been allowed to do his job.
I've heard lines like that before. They generally mean that the company
explicitly told the admin *not* to take the time to properly secure the
network, because "it would cost too much".
The thing that really burns me up is that, when the system gets cracked and
the company's Web page reads "j00 hAv3 b33n 0wnZ0r3d by mY sKriPt kiDDi3Z
klUb!!!", at least one or two managers in the company will try to blame the
admin for not taking enough precautions. The admin pointing out (generally
somewhat forcefully) that s/he was explicitly told not to do that is
usually enough to save his/her job.
But what about the person who stopped the admin from securing the system?
How come *that* person never winds up under the gun? I'd really love to see
the people who clamor for the admin's head on a platter turn some of that
politicking ire against the one who was *really* responsible for the
system's vulnerability. But somehow, it never seems to happen.
(Pleae let me know if you have experiences to the contrary; I'd love to
hear 'em!)
--Kai MacTane
----------------------------------------------------------------------
"And when I squinted/The world seemed rose-tinted;
Angels appeared to descend..."
--Depeche Mode,
"Waiting for the Night"
More information about the Techtalk
mailing list