× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2007

Re: script to change Client Access .ws profiles

I agree it's risk assessment. Not that I've seen or done any study, but have
always felt the sniffer is the bigger risk, especially when this user
population has a high degree of technical ability (manufacture/overhaul with lots of electronic components), and located in many diverse and not easily monitored locations.
Jim

---- Steve Martinson <smartfamily2003@xxxxxxxxx> wrote:
It's more for bypassing the green screen telnet signon that passes the pwd
in clear text.
(or have they fixed this? this site running an old CA Express).

To my knowledge, this has not been fixed. Good idea that's been around for a while, as long as your users control access to their desktop.

Risk has been defined in many ways, but when looking at IT governance, I like this one: "the threat or probability that an action or event, will adversely or beneficially affect an organizations ability to achieve its objectives."

So, when looking at this from a risk assessment perspective, what is more likely to occur on the inside - a rogue user hooking a sniffer up to the network and snagging the port 23 clear text passwords, OR someone accessing another user's desktop while they're temporarily away and having the ability to fire up a CA session that doesn't force signon?

Best regards,

Steven W. Martinson, CISSP, CISM
Sheshunoff Management Services, LP.
Senior Consultant - Technology & Risk Management
2801 Via Fortuna, Suite 600 | Austin, TX 78746
Direct: 281.758.2429 | Mobile: 512.779.2630
e.Mail: smartinson@xxxxxxxxx



____________________________________________________________________________________
Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online.
http://smallbusiness.yahoo.com/webhosting
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.