Firewalls: Harsh Security audits?

Firewalls
(February 1998)

Indexed By Thread: [Previous] [Next]

Subject:	Harsh Security audits?
From:	"Greg Collins" <gcollins @ dqisystems . com>
Date:	Thu, 19 Feb 1998 21:29:14 -0500
To:	<firewalls @ GreatCircle . COM>
Reply-to:	"Greg Collins" <gcollins @ dqisystems . com>

All,

We recently completed an audit for a financial institution. After we turned
in our report we received word that the V.P. who commissioned the audit
would like us to "tone down" the report. He apparently thinks that the audit
was too harsh. I obviously have an opinion on this, but I would like to hear
your thoughts on the subject.
BTW, we found some very serious problems. Such as a UNIX machine accessible
from the Internet...NO FIREWALL or anything to stop an intrusion. Yes, it
was running a version of sendmail with known problems!

Thanks
Greg Collins
Data Quest Information Systems
gcollins @
 dqisystems .
 com
"I have but one thing which cannot be taken from me, and that is my
integrity. It I must give up of my own will."

Follow-Ups:

Re: Harsh Security audits?
From: The Magic Man <merlin @ monolith . darkcore . com>
Re: Harsh Security audits?
From: emaiwald @ bigdog . fred . net
Re: Harsh Security audits?
From: "Craig I. Hagan" <hagan @ cih . com>
Re: Harsh Security audits?
From: Rabid Wombat <wombat @ mcfeely . bsfs . org>
Re: Harsh Security audits?
From: mht @ clark . net
Re: Harsh Security audits?
From: Bret Watson <lists @ bwa . net>
Re: Harsh Security audits?
From: Arjan Vos <arjan @ pino . demon . nl>

Indexed By Date	Previous:	What kind of list do you people run? From: "Brian Benevolence" <flashbrian @ hotmail . com>
Indexed By Date	Next:	Re: What the CISSP (was Re: Use the CISSP, Luke) From: Anton J Aylward <anton @ the-wire . com>
Indexed By Thread	Previous:	Re: What kind of list do you people run? From: Ken Williams <jkwilli2 @ unity . ncsu . edu>
Indexed By Thread	Next:	Re: Harsh Security audits? From: Arjan Vos <arjan @ pino . demon . nl>