My point is that I believe we are not a likely target. I believe attacks on museums are the exception, rather than the rule. Of course it can happen and one should take precautions. We currently run firewall software on our server which is designed to prevent un authorized access and it provides us with the tools to limit authorized access. However, I'm realistic...anyone with a bit of real knowledge could break in. Any institution that has really valuble information that needs to be protected at all costs should not put that data on a computer which is on a network with access to the Internet or modems. I see our real risk coming from someone who has authorized access to our network. Jim >At 08:18 28/01/97 -0800, you wrote: >>If someone had enough incentive and knowledge, our server could be readily >>pilfered. >(...) >>However, our museum is hardly a favoured hacker's target, and if we ever do >>have trouble, we'll be able to justify the expense to make the network >>really safe. >> >>Jim > >I agree: it's not given to the first come to attack and destroy/steal >museum data on a web site. But there is a possibility and that's >enough. > >As for museum not being a favoured target, I do not agree. > >Every museum is a favoured target. > >Aren't city walls a favoured targets of vandals ? (in that sense, that's >what a >hacker is if he/she intend no so much to steal as to destroy). > >Aren't subways (from vehicules to buildings) a favoured target ? > >And there is a lot of example of web sites which had been targeted >by hackers during the last weeks: religious sites, internet providers... > >ANY site is a target... > >To say "if we ever do have trouble, we'll be able to justify the expense..." is >equivalent to say, "if we ever do have someone stealing or destroying >something in the collection, we'll be able to justify the expense for museum >security". You don't correct such a situation. You prevent it . > >My opinion is: > >IF your museum intend to have a permanent presence >on the web (i.e. your own site, not just rented space on a server where >security should be a responsability of the Internet provider) and there >is a PHYSICAL connection to your LAN or WAN, you should inforce >regular museum security policies (i.e. ICOM standards) and >implement special measures proposed by organisations like >the National Computer Security Associaition. > >The Canadian Heritage Information Network may also have >informations and opinions on the subject. Could someone from >CHIN participate in the discussion ? > >Jean-Paul Viaud >curator > > > > p_n__n__----- _______ Musée Ferroviaire Canadi<n Railway Museum > d ___--__| HH|| `--- 120, St-Pierre, Saint-Constant (QC) > _T-------'___-|___________ J5A 2G9 Canada >'o=o ()()()--' o=o`---'o=o Tel. (514) 638-1522 / Fax.(514) >638-1563 > - CP 999 - jpviaud@odyssee Jim Angus Internet and Hypermedia Programs Natural History Museum of Los Angeles County 900 Exposition Blvd. Los Angeles, CA 90007 http://www.nhm.org/nhm voice: 213/744-3317 fax: 213/746-2999 eMail: [log in to unmask] = [log in to unmask] [log in to unmask] [log in to unmask] [log in to unmask] [log in to unmask]