Results 1 to 7 of 7

Thread: P2P security issues.......surely not

  1. #1
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534

    Post P2P security issues.......surely not

    I've just got the following white paper re:- P2P on a corporate system, problems and cures.
    Came via the VNU Research Library.
    Haven't finished reading it myself yet, but there is a lot of info here.
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  2. #2
    Senior Member
    Join Date
    Jun 2004
    Posts
    460
    very interesting reading it put the whole p2p scene into a new perspective for me (especially since the corporate structure can be easily compared to a school structure)

    thanks
    [gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]
    CATAPULTAM HABEO. NISI PECUNIAM OMNEM MIHI DABIS, AD CAPUT TUUM SAXUM IMMANE MITTAM

  3. #3
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Nice one Foxy!

    As djscribble says:

    (especially since the corporate structure can be easily compared to a school structure)
    Or local government and libraries?

    Thanks


  4. #4
    Originally posted here by nihil
    Nice one Foxy!

    As djscribble says:



    Or local government and libraries?

    Thanks

    Ive never seen a public library with good security.....
    if you have time be sure to drop my my website at www.johnscompany.net

  5. #5
    Senior Member
    Join Date
    Jun 2004
    Posts
    112
    unit321:
    Maybe that is because most of the time all of the securing is being done by volunteers. (At least in my town). I know that most libraries in small towns have a very limited budget to work with so they don't have a lot to spend on security. I am sure if you find the security of your library below your standards that if you asked they may be more than happy to let you help secure it. It would do them a service and it would be a good learning experience for you also.


  6. #6
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    Not to say that what the paper says is untrue or even slanted, but keep in mind that it is trying to sell you something. Something that is very expensive. And because of it's pay as you play policy, it's a cost that never truly goes away.

    Here's a scenario that would probably be a little more cost effective. Simply do not allow users to load illegitimate software on their boxes, how about that?

    I've run websense on an enterprise network of more than 3500 users, using the "all-powerful" Cacheflow boxes. I was not impressed. The amount of money you spend is far greater a threat to a healthy business environment than mitigating the risk by putting in a few hours creating a policy all users are forced to follow.

    They act as if they are the ONLY ones with the solution when in fact the solution might very well be staring you right in the face.

    For windows, how about an enterprise policy? And as for *nix, well, if you can't figure THAT out, I'm certainly not going to help you.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  7. #7
    Originally posted here by hobbdebub
    unit321:
    Maybe that is because most of the time all of the securing is being done by volunteers. (At least in my town). I know that most libraries in small towns have a very limited budget to work with so they don't have a lot to spend on security. I am sure if you find the security of your library below your standards that if you asked they may be more than happy to let you help secure it. It would do them a service and it would be a good learning experience for you also.
    I also volenteer at the library I teach classes on computers and security and stuff. I have submitted many exploits, flaws, and patches/solutions to library security managers, not ONE has been taken seriously or had something done about it. For instance the timer on the computers can be done with a ctrl+alt+delete and you can create your own accounts on computers enabling you to install trojans, delete files, and otherwise raise hell. This is a serious problem at the library. I suprisingly see many people commiting dirty deeds on libarary computers. Also in the lah pwds are sent in the clear! Hello! Anybody home! What about a simple encryption system for the lan or something. Quite frankly library securit, at least what ive seen is pathetic.
    if you have time be sure to drop my my website at www.johnscompany.net

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •