I've just got the following white paper re:- P2P on a corporate system, problems and cures.
Came via the VNU Research Library.
Haven't finished reading it myself yet, but there is a lot of info here.
Printable View
I've just got the following white paper re:- P2P on a corporate system, problems and cures.
Came via the VNU Research Library.
Haven't finished reading it myself yet, but there is a lot of info here.
very interesting reading :) it put the whole p2p scene into a new perspective for me (especially since the corporate structure can be easily compared to a school structure)
thanks :)
Nice one Foxy!
As djscribble says:
Or local government and libraries?Quote:
(especially since the corporate structure can be easily compared to a school structure)
Thanks
:D
Ive never seen a public library with good security.....Quote:
Originally posted here by nihil
Nice one Foxy!
As djscribble says:
Or local government and libraries?
Thanks
:D
unit321:
Maybe that is because most of the time all of the securing is being done by volunteers. (At least in my town). I know that most libraries in small towns have a very limited budget to work with so they don't have a lot to spend on security. I am sure if you find the security of your library below your standards that if you asked they may be more than happy to let you help secure it. It would do them a service and it would be a good learning experience for you also.
Not to say that what the paper says is untrue or even slanted, but keep in mind that it is trying to sell you something. Something that is very expensive. And because of it's pay as you play policy, it's a cost that never truly goes away.
Here's a scenario that would probably be a little more cost effective. Simply do not allow users to load illegitimate software on their boxes, how about that?
I've run websense on an enterprise network of more than 3500 users, using the "all-powerful" Cacheflow boxes. I was not impressed. The amount of money you spend is far greater a threat to a healthy business environment than mitigating the risk by putting in a few hours creating a policy all users are forced to follow.
They act as if they are the ONLY ones with the solution when in fact the solution might very well be staring you right in the face.
For windows, how about an enterprise policy? And as for *nix, well, if you can't figure THAT out, I'm certainly not going to help you.
I also volenteer at the library I teach classes on computers and security and stuff. I have submitted many exploits, flaws, and patches/solutions to library security managers, not ONE has been taken seriously or had something done about it. For instance the timer on the computers can be done with a ctrl+alt+delete and you can create your own accounts on computers enabling you to install trojans, delete files, and otherwise raise hell. This is a serious problem at the library. I suprisingly see many people commiting dirty deeds on libarary computers. Also in the lah pwds are sent in the clear! Hello! Anybody home! What about a simple encryption system for the lan or something. Quite frankly library securit, at least what ive seen is pathetic.Quote:
Originally posted here by hobbdebub
unit321:
Maybe that is because most of the time all of the securing is being done by volunteers. (At least in my town). I know that most libraries in small towns have a very limited budget to work with so they don't have a lot to spend on security. I am sure if you find the security of your library below your standards that if you asked they may be more than happy to let you help secure it. It would do them a service and it would be a good learning experience for you also.