Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!uwm.edu!psuvax1!rutgers!bellcore!iscp.Bellcore.COM!jona From: jona@iscp.Bellcore.COM (Jon Alperin) Newsgroups: comp.admin.policy Subject: Re: SUSPEND SYSOPS, NOT STUDENTS Message-ID: <1991Jun21.124808.19830@bellcore.bellcore.com> Date: 21 Jun 91 12:48:08 GMT References: <20740@slice.ooc.uva.nl> Sender: usenet@bellcore.bellcore.com (Poster of News) Reply-To: jona@iscp.Bellcore.COM (Jon Alperin) Organization: Bell Communications Research (Bellcore) Lines: 29 Joe, I just noticed your internet address (USWEST) so look at this security issue in two other lights... If you were joe average user, and provided computing resources to do your job (which was in no way related to sysadmin), then there is no reason for you to look for holes in the system. Since you are responsible for producing some amount of work, your security concerns should go to your boss and the boss of the sysadmin. Friendship issues aside, I can think of no one these days at a management level who does not take security seriously. Second, from a telco point of view, you do not want other users tapping into phone lines just to show that the telephone company has security holes. One would hope (:-{) that a private network user would present their concerns to the telco (who is being paid by this customer) rather than attempt to "break their system" (The ppsn, ss7 net, etc.) just to show the telco that security holes exist. THIS "BREAK & SHOW" IS NOT A GOOD POLICY IN ANY CASE. -- Jon Alperin Bell Communications Research ---> Internet: jona@iscp.bellcore.com ---> Voicenet: (908) 699-8674 ---> UUNET: uunet!bcr!jona * All opinions and stupid questions are my own *