[JNL]

I might have some real question for you haha. I admit I rag on security guys a bit much but after having been burned once or twice you get bent out of shape. We had one Security Auditor come in to sniff the network. He got all excited and ran up to our PM screaming that there was ALOT of foreign traffic on our network. We had to calm the guy down and explain to him that he was looking outward at the Internet not internally at our network. He left shortly afterwards.

[Element187]

I might have some real question for you haha. I admit I rag on security guys a bit much but after having been burned once or twice you get bent out of shape. We had one Security Auditor come in to sniff the network. He got all excited and ran up to our PM screaming that there was ALOT of foreign traffic on our network. We had to calm the guy down and explain to him that he was looking outward at the Internet not internally at our network. He left shortly afterwards.



first off.. he was an auditor ;)

external security auditors are a hoot.. they come in with no knowledge of how your particular network works.. so you really cannot count on them for quality work.. when i say security professional, im talking about someone you hired on board to sit in with network engineering teams, database admin teams, systems administration teams to participate in the development of everything and making sure all the systems are not being developed insecure.. security is more of a mind set, your always looking for configuration errors, network design flaws and so fourth... we all know network engineers will punch thousands of holes into a firewall just to get traffic working.

people who make the best in security are the people who have experience in all of the IT fields and maybe some backround in tampering (is that a better word then 'hacking'?) with computers as kids.