[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.43.0301312028440.9875-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: The worm author finally revealed!
On Fri, 31 Jan 2003, Schmehl, Paul L wrote:
[SNIP]
>
> Now I'm even more surprised that you haven't gotten my point. Or are
> you just trying to play devil's advocate? My point is that the twits
> that think every admin whose network got one instance of Slammer or who
> wasn't already blocking 1434/UDP should be fired for incompetence simply
> don't have any comprehension of how a large network works. It's easy to
> say "pull the plug" when you're not responsible for the boxes. It's a
> bit harder when you have competing constituencies demanding opposing
> actions.
>
> At UTD we *do* pull the plug. But I would never be so arrogant as to
> demand that someone else do, because I don't know their network. There
> can be a *ton* of reasons why something wasn't done (like patching or
> blocking ports) *other than* incompetence.
Some of us do understand the point you are trying to make, we are just
rejecting it's validity. The point<s> is/are:
The information about a weakness, and a dramatic weakness was available
for at least 6 months. Even though the windows patch world is a
nightmare With or without 3rd party software issues>, that's what admins
and security folks get paid for. Thus, if they are doing their jobs,
patches are applied <at the least on those hardend machines in exposure,
most often on a DMZ>, and the vulnerable systems not able to be patched
are properly protected by the perimiter security devices. Anything less,
is inexcusable. Either the security folks have a policy and the power to
enforce it, or they don't. If the environment is lacking the political
momentum to provide a strong enforacble security policy, then like every
place else, it's about time those clued in start playing the political
game to get that policy and power, or look for a better climate to work.
A person has alot of assets available to them to fight for security at
the moment with homeland security and all the government 'initiatives',
hell te windows folks have the words of Bill Gates to lean on to make a
point about the importance of protecting the assests of the organization,
be it a edu, com, or org. What is shocking, is that so many didn't pay
full attention to the information available to allow this
bandwidth-spammer to have as dramatic affects as it did. A good
number of places that were properly prepared were affected by the
many that weren't. Sadly, some of us are going to be shocked again in
another 6 months when new code cripples large portions of the net for a
few hours or a few days depending upon perhaps the 'conscious' of
him/her/them that unleashes it and the payload they pack it with...
Thanks,
Ron DuFresne
<it's all politics, but the work you get paid for...>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
Powered by blists - more mailing lists