Linux Today: Linux News On Internet Time.

More on LinuxToday

Network Security Blunders

Apr 12, 2011, 23:08 (2 Talkback[s])
(Other stories by Michael Hamelin)


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

[ Thanks to An Anonymous Reader for this link. ]

"Using the wrong technology: I've seen all sorts of ways in which the square peg is pounded into the round hole, but here is one of my favorite blunders. One client argued with their auditors that because they have a firewall in front of their secure webservers it formed a second layer of authentication and so they were using two-factor authentication, a password and a firewall. I like the effort, but a firewall (by itself) is not a two factor authentication solution. Two factor authentication requires your users have something, it's something they Know and something they Have, a token and password for example.

"The accidental outage: Many of us have caused an outage at one time or another. One of our engineers tells a story of being at a client site when one such outage happened. They were working on the production firewall server gathering some data for a support case, the server was windows. The admin reached across the table and accidentally leaned on the mouse, which was over the Start Menu. As fate has it in for us network engineers at all times, the mouse activated the Start Menu and was unbelievably over the shutdown menu item when it popped up. Yep, right there in the middle of production this financial corporation watched their production firewall shutdown."

Complete Story

Related Stories: