[unisog] Pen testers after my own heart...

Michael Holstein michael.holstein at csuohio.edu
Tue Jul 25 13:18:52 GMT 2006


> Is disabling USB an option[5]?  In some environments, maybe.  What about 
> disabling all external media[6] (since as someone else pointed out, they 
> DO autorun without any trickery, and they're cheaper than USB keys to 
> boot!)?  This is a hard problem, and I'm not sure education is the 
> answer.  How long have we been trying to educate users about strong 
> passwords?

Both are easily accomplished with Group Policy. So is password strength, 
but then you've got the Post-It problem.

> 2) There's only so much we can do to prevent users from shooting 
> themselves.  

Social Darwinism : try to make something idiot-proof, and nature will 
provide a better idiot.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University


More information about the unisog mailing list