Hi Wolfgang,

> However, as ISC also offers support contracts for BIND and Kea, and
> those customers have their own due diligence policies, we are often
> subject to scrutiny and audits about how our network runs, and even for
> a venerable URL like ftp.isc.org, we get questions from auditors like
> "did you know you have a public FTP server on your network! Why!?"

I've been working for several large companies that are legally required
to carry out annual audits of their IT infrastructure, both internal and
outsourced, and had to deal with external auditors from PWC, KPMG and
E&Y, to name just a few, and I know that it's absolutely impossible to
argue with external auditors and your customers' management if you care
about your mental health. They will drag you down to their level and
beat you with experience, so ISC is not to blame, IMHO.
You are right to remind us of that. I also regularly see external audits
on some critical systems used for public transport in Paris, where I
work, and we are just asked to follow the recommendations, not to
argue against them.
For the most vital systems, a certification is needed by the ANSSI in
France. I think it is a bit like the NSA in the USA or the BSI in
Germany. Quoting Wikipedia: "The French National Agency for the
Security of Information Systems is a French service created on 7 July
2009 with responsibility for computer security. ANSSI reports to the
Secretariat-General for National Defence and Security (SGDSN) to assist
the Prime Minister in exercising his responsibilities for defence and
national security. The agency ensures the mission of national authority
security of information systems. As such it is responsible for
proposing rules for the protection of state information systems and
verify the implementation of measures adopted. In the field of cyber
defence, it provides a monitor, detect, alert and reaction to computer
attacks, especially on the networks of the State."