lsheldon at creighton.edu
Fri Feb 21 21:30:06 GMT 2003
> If this is the report I'm thinking of, we had a presentation here a
> few months ago by someone who was directly involved in the project
> that produced that report. Sorry, don't remember her name just now.
> Her conclusion though was that the really costly incidents were the
> ones where the techies got interested in "what happened here?" and
> spent lots of time analyzing the exploit, forensics, et al. Secondary
> conclusion: if you want to save $$ don't do this; when a system is
> cracked, wipe, reinstall, get back to business, let it go.
> Not saying I fully endorse this strategy, though it's obvious how this
> conclusion can easily be reached. Just reporting what I heard.
That is a fine strategy--as long the much maligned "techies" have no
responsibilities either for assessing the extent of the damage, nor for
preventing a recurrence.
And you have a pool of replacment "techies" to fill the gaps left by
departures where they are allowed to do their jobs.
. L. F. (Larry) Sheldon, Jr. .
- Unix Systems and Network Administration -
. Creighton University Computer Center-Old Gym .
- 2500 California Plaza -
. Omaha, Nebraska, U.S.A. 68178 Two identifying characteristics .
- lsheldon at creighton.edu of System Administrators: -
. 402 280-2254 (work) Infallibility, and the ability to .
- 402 681-4726 (cellular) learn from their mistakes. -
. 402 332-4622 (residence) (Adapted from Stephen Pinker) .
- http://www.creighton.edu/~lsheldon -
. Si hoc legere scis nimium eruditionis habes .
More information about the unisog