|
EH-Net
|
|
May 22, 2013, 05:47:11 AM
|
 Show Posts
|
|
Pages: [1] 2
|
|
3
|
EH-Net / Ethical Hacktivism / Re: Westboro Baptist vs. Anoymous
|
on: March 02, 2011, 11:36:50 PM
|
Free speech is free speech don, even if it is something people might not agree on. From one side you can be happy because it does not open the door for trails against people that criticize certain subject like is happening in some parts of Europe.
H4TT1fn4TT , I agree to a point. Perhaps the Supreme Court wasn't the best avenue nor is censorship the best approach. However, there should be an expectation for reason. For example, I can drop the F* bomb all day long at my son's little league game, but is it reasonable? I agree with you, I don't support this church and I think they should be allowed to protest whatever they wish, but it should be exercised in legal and reasonable boundaries. This conversation is moving a bit out of the cyber realm and the intent of this post. I think we can all agree that anonymous' actions were un-ethical, even if we were silently cheering in the back of our minds. |
|
|
|
|
6
|
Ethical Hacking Discussions and Related Certifications / Other / Re: Best Practices for Password Policy
|
on: February 28, 2011, 09:46:24 PM
|
Do you fall under any compliance or government regulations?
CDIZ, we have remote sites that do fall under HIPAA, some state cyber security laws and sometimes NIST SP 800-53. We don't have a security framework for our overall company at the time being (it's one of our goals). Here is a Sans link to their policies page, some good stuff in there regarding policies. http://www.sans.org/security-resources/policies/Regarding best practices here is a link to the NIST National Checklist Program which has some "checklist" style guides on recommended configuration of different OS's. http://web.nvd.nist.gov/view/ncp/repositoryPassword policies are great examples of security vs. usability. Just remember a strong password policy might result in increased help desk calls, and general frustration of the administrator(s). The best password policy is one that you stick to and not make "exceptions" for the boss's son. Thanks for the links Lubinski, I'll check them out. |
|
|
|
|
7
|
Ethical Hacking Discussions and Related Certifications / Other / Best Practices for Password Policy
|
on: February 28, 2011, 05:34:54 PM
|
|
Hi All,
Wasn't sure if this belonged in the regulatory and compliance section as it is more geared to best practices.
I'm looking for information to support our current password policy. Specifically best practices on local administrator accounts, service accounts, etc. Practical stuff on expiration dates, the sharing of, archiving old expired passwords or anything along those lines.
Does anyone have suggestions or links they can recommend? I can provide more info if you need it.
thanks for reading,
|
|
|
|
|
8
|
Resources / News from the Outside World / Re: NY Senator Urges Increased Public Wi-Fi Security.
|
on: February 28, 2011, 03:16:18 PM
|
That still won't stop man in the middle attacks against users in these locations, just may make them a little harder
Agreed, but at least there is starting to be recognition in the political realm. People are still not aware they are at risk and continue on using "password" for everything. Of course on the flip side, I'm a little uncomfortable with the Government making these "requirements"... I think better time is spent in programs like Stop.Think.Connect. |
|
|
|
|
9
|
EH-Net / Special Events / Re: RUaNinja? Win Signed Copies of Ninja Hacking Book
|
on: February 27, 2011, 02:04:13 PM
|
That's fair, and thanks for giving us a couple of extra days to still figure it out. It's been really challenging and I'm enjoying learning along the way. There's still time for me to figure it out tonight!  Short answer... no.
Long answer... we have more than 3 ninjas, so there will be winners of the signed copies of the book without having to reward some who had hints and some who didn't. So for fairness, there willbe no hints before the end of the month.
On March 1, we'll start giving away little hints to see if some people want to try it without being given the entire thing.
Then we'll do a write-up... maybe even with the help of the first ninja... so we'll take you through the whole process.
Hope that helps,
Don
|
|
|
|
|
10
|
EH-Net / Ethical Hacktivism / Re: Internet ‘Kill Switch’ Legislation Back in Play
|
on: February 26, 2011, 08:12:36 PM
|
|
Does the gov't have a the power to kill television or radio? It seems to me like this bill is driven out of FUD, and not any real need. I think it only makes matters worse, the threat of an EMP, a major blackout or an attack on the smart grid are real threats we face, why give the bad guys one more tool?
|
|
|
|
|
11
|
EH-Net / Ethical Hacktivism / Re: Westboro Baptist vs. Anoymous
|
on: February 26, 2011, 08:06:11 PM
|
From an ethical hacking standpoint, anonymous is breaking the law. This is the reason I started this board. To point out that, although intentions may be good, breaking the law regardless on which side of an argmunet you are, is wrong and shouldn't be done.
I like the counter-protest idea that has been done. Groups legally protested Westboro and had enough participants to actually block the westboro protesters from getting near a funeral. Now that's perfect on 2 fronts... it's legal and it promotes more free speech rather than less.
From a personal standpoint, I just hope the supreme court hands down a decision against Westboro. If they do, they penalty will for all intents and purposes make their sad organization go away.
Don
PS - Great topic awhitehatter.
Thank you Don, I agree, I like the counter pro-test idea as long as it remains in the legal spectrum. H4TT1fn4TT, thanks for the update. |
|
|
|
|
Loading...
|
News from the Outside World : Google Dropping Windows For Internal Use
