Hi,

There is something that never failed to amaze me: the attitude of a lot of SAs.

First of all, let me tell you several things that attract my attention at conferences: did you notice that during security workshops and tutorials most people look at you with wide eyes if you tell them about methods that intruders use? Did you notice the number of people who say that their systems were never broken into while you know that they export filesystems to the world? The same people would say that they rely on the most advanced intrusion detection systems from Blah Inc that cost them $50,000 a year to maintain. etc, etc, etc.

Why do we trust our vendors when they say that their systems are secure? What are the checks that we perform before we bring a system onto the network? Do we perform them at all, or do we just blindly assume that if there is no patch out there, there is no problem? Is it that we do not want to bother with it, or is it that we do not know where to look?

I would appreciate your comments...

Best wishes,
Alex

============================================================================
Alexander O. Yuriev             Email: alex@bach.cis.temple.edu
CIS Labs, TEMPLE UNIVERSITY     WWW: http://bach.cis.temple.edu/personal/alex
Philadelphia, PA, USA
KeyID: 1024/D62D4489
Key Fingerprint: AE84534377CCC4E2 37B13C4D8CD3D501

Unless otherwise stated, everything above is my personal opinion and not an
opinion of any organisation affiliated with me.
=============================================================================