Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stealing Data? A Sniffer Shows it's Easy

Posted by timothy on Sunday July 31, 2005 @08:45AM from the duh dept.

museumpeace writes "Though its not exactly a How-To of cracking into financial institutions, a few intriguing details are mentioned in a New York Times article "the Sniffer vs the Cybercrooks" (it's worth the cookie). From the article: ""Tell me the things you most want to keep secret," Mr. Seiden challenged a top executive at the bank a few years back.....A week later, Mr. Seiden again sat in this man's office in Manhattan, in possession of both supposedly guarded secrets....""

1 of 206 comments (clear)

Min score:

Reason:

Sort:

Re:Good points by Hal9000_sn3 · 2005-07-31 10:09 · Score: 5, Insightful

You seem to have left out the three most important things.
1. Education
2. Education
and
3. Education
Without education, a junior sysadmin can open ports on your firewall, or run up their own harmless little p2p box in the DMZ.
Users will share their credentials, or choose weak ones.
Someone will find the false positives from the NIDS to be annoying, and route the output to /dev/nul
Removed code will be reinstalled. And so on...
All is in vain without education.