[<prev] [next>] [day] [month] [year] [list]
From: full-disclosure at nym.hush.com (full-disclosure@....hush.com)
Subject: Learn from history?
>> 1. Keep informed.
>Sure. I'll inform all my 300 customers MS release a bug today,
>and I'll drop by to all of them to patch tomorrow.
"You" is implied in that statement.
>> 2. Install patches as soon as possible
>That would involve runnning Windows Automated Update every night
>automagically...
1. Microsoft already provides that feature
2. As soon as possible for "you"
>> 2. If a patch cannot be installed, find workarounds
>That does not work with the workarounds customer need to facilitate
>life (security <> easy of use, remember)
And the computers/networks will be so easy to use when lines are saturated,
file systems are corrupted or data are stolen
>> 3. If it is a port-related threat, find out if such ports are
>> in use, and if not, make sure they are closed.
>Once the virus is on the LAN it can do whatever it wants.
Hello! Block the ports BEFORE they hit the LAN. Proactive security.
Also, do us a favor and don't propogate the shit!
>> Some of the comments overheard this week regarding Sasser:
>I did propose some firewall, but they feel it's too much EUREUREUREUR
And you provided some sort of analysis showing potential losses due to
the lack of a security infrastructure, right?
>> Will they learn from history? Only history will tell.
>I'm pretty sure they won't. Even most tech guys don't have a clue.
Evidently, thanks for your example.
Powered by blists - more mailing lists