I have to pipe in about that last post.

I agree!

I used to work for a really big university, and so performing vulernability assessments was a big, fun project. I mean, at a unversity you have a lot of different kinds of systems, a lot of hosts, and a lot of people wanking away at the soft spots. I learned a lot, but it got tiring after a few passes.

In the end I had to make a decision to back off on my hardware / software based analysis and actually talk to some people, and participate in committees, and preach about modifying the behavior of our users. Our network was pretty darn tight, but that just doesn't mean anything when you have an account system that doesn't require complex passwords or even password expiration. Or when you have professors who give all their students their account info "just so I can get class started in more quickly".