lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: jeffdick at covirt.com (Jeffrey A.K. Dick)
Subject: "MS Blast" Win2000 Patch Download

"If the environment is so bad that you cannot even do that, then you should
be surfing Monster.com for a new job rather than ranting at people on this
forum for offering sound suggestions to combat the problem."

Somebody has had too many users infected recently ... ;-D

RTFP ... Brad pointed out that blocking 135 DOESN'T fix things so "you don't
have to worry about it" ... unless you are in the enviable position where no
machines that have been outside the firewall are ever allowed inside your
network, there are no uncontrolled access points AND your users never
download anything bad.

Yes, blocking 135 at the firewall is a really, really, really, really good
idea (did somebody say that it wasn't ???), but if you think that blocking
135 means that "you don't have to worry about it", then don't even bother
with Monster.com ... you have bigger problems to attend to.

What we SHOULD be doing is replacing potentially dangerous and misleading
statements with accurate ones -- blocking 135 is no guarantee of protection
for your network, but it is a good start.

Cheers,

JAKD

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ