>
> Bob McKisson writes:
> >
> <snip>
> > Hey you'd be amazed at the installs I've done where the customer (and
> > government of course), still absolutely insists on leavin a backdoor or
> > window open. They might as well put up a neon sign sayin "intrusion
> > gods enter here", and just spent the money on the homeless. I'm just
> > waitin for the phone to ring after they've been chomped on. But hell
> > those are only our tax dollars at work. An operation like GE has no
> > excuse.
> >
> > rmck
>
> No amazement here. They asked me to attach their trading platform
> to the PNC wan via a firewall. Did it to the best of my ability
> and THEN they said, and we want user logins on the firewall, rsh
> and rlogin and X thru the firewall. No amount of discussion of
> risks or alternatives had any effect. So, all I could do was
> do it and write a full cover-my-you-know-what memo.
>
> Having set up a few internal firewalls has given me a lot of
> insights to user idiocy. But whats worse is that these are the
> same folks about to implement a full internet connection at
> corporate headquarters in pittsburgh next quarter. SCARY!
>
> (Guess we won't see many threads about who has the worst
> firewall will we!)
>
Well, outside of the military, abject stupidity is still not (yet) a
prosecutable offense. However, this kind of thinking is so pervasive,
I'm waiting for some enterpising sole to enter the market with the
"Unfirewall"...sort of the "pet rock" of firewalls. All the features
you want in a firewall but none of those bothersome restrictive
security functions. Coming to a warehouse retailer near you,
shrinkwrapped package includes a cardboard workstation (nice color gui
for the cardboard tube), with two ethernet interfaces that actually
passes two-way unrestricted,unscreened, unfiltered and unloged
traffic...$29.95, quantity discounts available for enterprise
licenses.
rmck
|
|
