Christopher L. Morrow [2/5/2004 10:45 PM] :
Sure, anything is dangerous in the 'right' (wrong?) hands. Is the fault with the vendor or the person(s) implementing or the 'management' of said person(s)? Even an openbsd firewall is a problem if not properly admin'd.
of course, but you do have to contend with the fact that it takes at least some amount of IQ beyond the point and click level to fire up vi and use a command line interface. :) Neal Stephenson's "in the beginning was the command line" is an interesting take on this, I think.
Nope, but pointing out their failures in a sensible manner to their management is helpful... sometimes atleast :( Failing any action there the whole group is just shooting themselves in the foot and there isn't much you can do about that, is there? (except to get out of the blast radius)
Actually, the problem is that when dealing with a bunch of know it alls like that, even waving manufacturer's documentation in front of them doesn't really help Like my friend's cable ISP, that recently turned on "smtp fixup" on a cisco pix on port 25 across their entire network. He's got a static IP, runs linux + postfix, and is still left with a completely crippled mailserver (no AUTH, no TLS, no ESMTP ...) thanks to this. Waving cisco docs at them doesn't seem to have helped at all. [Moving is tough, they are the only broadband in the bangalore suburb where he lives] -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations