[plug] Trade [flame alert]

John Summerfield summer at OS2.ami.com.au
Wed Mar 1 11:04:17 WST 2000


> I call it "social engineering" because that is the name of this class of
> attacks.  However, if you do a brief threat analyses, then you will
> probably find that the biggest threat to your machines aren't your
> friends and people you know but random, anonymous strangers on the other
> side of the world who know nothing more about your system than it's IP

I've seen reports that, in fact, the most security breaches are 
perpetrated be people who have authorised access to the computer - people 
such as employees.

Makes sense; who has best access to BankWest computers? Who knows their 
systems best? Who knows best what might work?

Christian & Greg: which are the computers most conveniently located for 
you to attack?


hmm. I wonder how many people have used (or tried to use) passwords such 
as god (much favoured in days gone by for root), eagles, dockers, kemp, 
footy?

If you want something moderately secure for a password, choose a phrase: 
kempisaterricfootyplayer is much harder to guess than single words or sets 
of initials, but still quite easy to remember.
-- 
Cheers
John Summerfield
http://os2.ami.com.au/os2/ for OS/2 support.
Configuration, networking, combined IBM ftpsites index.





More information about the plug mailing list