>From a nice, credible source that pointy-hairs can appreciate: "But, says Brill, in his experience computer security problems involve someone inside the corporation about 90 percent of the time; FBI estimates peg the figure at 85 percent." "If you think the greatest threat to information security comes from the outside--competitors, hackers or viruses--think again. Those external threats will only distract you from the dangers you face from inside your own organization." http://www.cio.com/archive/061596/security_content.html June 15, 1996 Issue of CIO Magazine Regards, George Tony Wasson wrote: > > > Trick 1. Stick a Knoppix CD in, reboot, run ethereal on the same LAN > > segment as the CSR's. > > > > Trick 2. If you are using a switch, flood the switch into failing - it > > becomes a hub. Snoop away. > > > > Trick 3. Make sure you have written permission, signed by the highest > > ranking officer of the company you can find before you do anything like > > this. > > My guess is that my audience doesn't know the difference between a hub and a > switch. Is capturing packets going to impress them? Maybe if it were > capturing passwords??? Like the dsniff tools just catching passwords. This > isn't an in office demonstration, so I shouldn't need any waivers, but > thanks for the legal advice. > > > A 1997 study released by the FBI showed 15% of the security problems > > came from Internet "Hackers," 15% from contractos and 70% from > > employees. 85% of the problems came from inside the walls. > > Unfortunately, 85% of the effort (for most companies) goes to blocking > > the 15%. > > These are the numbers I am trying to impress - the threat already sits at a > computer and gets a check on payday. > > ________________________________________________ > See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't post to the list quickly and you use Netscape to write mail. > > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss