On Sun, 28 Jan 1996, Paul G. Seldes wrote: > One thing to keep in mind is that it is often to ensure that intruders can't do anything on a system rather than try to prevent them from intruding in the first place. > If you break into a safe, and there is nothing there....you leave. > This angle works for many businesses and users. Why not do both? If I ran a business, left nothing inside the building at night to be stolen, and then left the front doors wide open and ungarded....what's to stop some idiots from going in and burning the place down? I would rather stop however many intrusions I could on my system, as well as keep sensitive information offline. This may not stop a determined cracker from getting in, but it will keep out college freshmen with exploit scripts they know nothing about from rm -rf'ing my system. (And I'm sure I'd much rather tell my client or boss that I had done my best to prevent intrusions, some morning when we find our system erased....instead of saying that I'd done nothing but made backups in case this happened....) -Greg Finger for PGP info.