Sources of security breaches (was: Trade)

[Leon Brooks]

Christian wrote:
> John Summerfield wrote:
>> I've seen reports that, in fact, the most security breaches
>> are perpetrated be people who have authorised access to the
>> computer - people such as employees.

> I've already given my opinion on the validity of these and their
> relevancy today.

We are so blessed. (-:

As one who is more-or-less sole tech support for a small ISP, and also
runs several other full-time-connected non-ISP networks, I can draw on
my own experience and say "John is right."

While there may be a numerically higher number of probes coming in off
the internet, by far the most *actual*breaches* come through people with
a head-start in security knowledge, to wit, those with authorised access
to the system, or from people who know you and have stronger motivation
for breaking in (resentment, dare, joke).

Not that this is much of a head-start - run John the Ripper over many
password files, and it will spit out passwords for about a third of the
accounts within a minute, maybe half that number within 5 seconds. This
is why my default user shell is /bin/false.

-- 
Noah's Ark was an Open Source project (everyone was invited to help).
The Titanic was not. http://www.opensource.org/