[unisog] justification

Larry Sheldon lsheldon at creighton.edu
Fri Feb 21 21:30:06 GMT 2003


> If this is the report I'm thinking of, we had a presentation here a
> few months ago by someone who was directly involved in the project
> that produced that report.  Sorry, don't remember her name just now.
> 
> Her conclusion though was that the really costly incidents were the
> ones where the techies got interested in "what happened here?" and
> spent lots of time analyzing the exploit, forensics, et al.  Secondary
> conclusion: if you want to save $$ don't do this;  when a system is
> cracked, wipe, reinstall, get back to business, let it go.
> 
> Not saying I fully endorse this strategy, though it's obvious how this
> conclusion can easily be reached.  Just reporting what I heard.

That is a fine strategy--as long the much maligned "techies" have no
responsibilities either for assessing the extent of the damage, nor for 
preventing a recurrence.

And you have a pool of replacment "techies" to fill the gaps left by
departures where they are allowed to do their jobs.
--
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
. L. F. (Larry) Sheldon, Jr.                                            .
- Unix Systems and Network Administration                               -
. Creighton University Computer Center-Old Gym                          .
- 2500 California Plaza                                                 -
. Omaha, Nebraska, U.S.A.  68178       Two identifying characteristics  .
- lsheldon at creighton.edu                  of System Administrators:     -
. 402 280-2254 (work)                Infallibility, and the ability to  .
- 402 681-4726 (cellular)               learn from their mistakes.      -
. 402 332-4622 (residence)                (Adapted from Stephen Pinker) .
- http://www.creighton.edu/~lsheldon                                    -
.              Si hoc legere scis nimium eruditionis habes              .
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-



More information about the unisog mailing list