From: D <J@M>
References: <1f19a554-8a81-ce8c-8ac6-7ab1e053a632@isc.org>
 <66f787ad$1@news.ausics.net> <8m1q14ku79.fsf@raybanana.net>
 <vd8kq7$1i1be$1@news.trigofacile.com>
Subject: Re: ISC will likely be shutting down FTP access to ftp.isc.org soon
 (https will remain)
Content-Transfer-Encoding: 7bit
Message-ID: <6da8182e6504aad4b4c3de715c49e87a@dizum.com>
Date: Sat, 28 Sep 2024 15:49:04 +0200 (CEST)
Newsgroups: news.software.nntp
Path: ...!feeds.phibee-telecom.net!3.eu.feeder.erje.net!feeder.erje.net!news2.arglkargh.de!alphared!sewer!news.dizum.net!not-for-mail
Organization: dizum.com - The Internet Problem Provider
X-Abuse: abuse@dizum.com
Injection-Info: sewer.dizum.com - 2001::1/128
Bytes: 3517
Lines: 45

On Sat, 28 Sep 2024 12:12:23 +0200, Julien ELIE <iulius@nom-de-mon-site.com.invalid> wrote:
>Hi Wolfgang,
>>>> However, as ISC also offers support contracts for BIND and Kea, and
>>>> those customers have their own due diligence policies, we are often
>>>> subject to scrutiny and audits about how our network runs, and even for
>>>> a venerable URL like ftp.isc.org, we get questions from auditors like
>>>> "did you know you have a public FTP server on your network!  Why!?"
>> 
>> I've been working for several large companies that are legally required
>> to carry out annual audits of their IT infrastucture, both internal and
>> outsourced, and had to deal with external auditors from PWC, KPMG and
>> E&Y, to name just a few, and I know that it's absolutely impossible to
>> argue with external auditors and your customers' management if you care
>> about your mental health. They will drag you down to their level and
>> beat you with experience, so ISC is not to blame, IMHO.
>
>You are doing well to remind that.  I also regularly see external audits 
>on some critical systems used for the public transport in Paris where I 
>work, and we are just asked to follow the recommendations, not to 
>counter-argument them.
>For the most vital systems, a certification is needed by the ANSSI in 
>France.  I think it is a bit like the NSA in the USA or the BSI in 
>Germany.  Quoting Wikipedia: "The French National Agency for the 
>Security of Information Systems is a French service created on 7 July 
>2009 with responsibility for computer security.  ANSSI reports to the 
>Secretariat-General for National Defence and Security (SGDSN) to assist 
>the Prime Minister in exercising his responsibilities for defence and 
>national security.  The agency ensures the mission of national authority 
>security of information systems.  As such it is responsible for 
>proposing rules for the protection of state information systems and 
>verify the implementation of measures adopted.  In the field of cyber 
>defence, it provides a monitor, detect, alert and reaction to computer 
>attacks, especially on the networks of the State."

regards the state . . . state of the union . . . state of human affairs

the bible calls this world the great winepress, east of eden, under the
sun, lake of fire, gehenna, second death, generations, resurrection etc.
so we mere mortals are lucky that anything works in this flawless place

it's the same everywhere . . . . soylent population centers of activity
where nothing changes yet everything evolves, and human nature is fixed
because it's genetic: they worship mammon because they were born for it

nothing changes  > > >   can't fight city hall   < < <  nothing changes