Open Source and information security mailing list archives
From: dufresne at winternet.com (Ron DuFresne)
Subject: The worm author finally revealed!

On Fri, 31 Jan 2003, Schmehl, Paul L wrote:

	[SNIP]

>
> Now I'm even more surprised that you haven't gotten my point.  Or are
> you just trying to play devil's advocate?  My point is that the twits
> that think every admin whose network got one instance of Slammer or who
> wasn't already blocking 1434/UDP should be fired for incompetence simply
> don't have any comprehension of how a large network works.  It's easy to
> say "pull the plug" when you're not responsible for the boxes.  It's a
> bit harder when you have competing constituencies demanding opposing
> actions.
>
> At UTD we *do* pull the plug.  But I would never be so arrogant as to
> demand that someone else do, because I don't know their network.  There
> can be a *ton* of reasons why something wasn't done (like patching or
> blocking ports) *other than* incompetence.

Some of us do understand the point you are trying to make; we are just
rejecting its validity.  The point<s> is/are:

The information about a weakness, and a dramatic weakness, was available
for at least 6 months.  Even though the Windows patch world is a
nightmare <with or without 3rd party software issues>, that's what admins
and security folks get paid for.  Thus, if they are doing their jobs,
patches are applied <at the least on those hardened machines in exposure,
most often on a DMZ>, and the vulnerable systems not able to be patched
are properly protected by the perimeter security devices.  Anything less
is inexcusable.  Either the security folks have a policy and the power to
enforce it, or they don't.  If the environment is lacking the political
momentum to provide a strong enforceable security policy, then like every
place else, it's about time those clued in start playing the political
game to get that policy and power, or look for a better climate to work.
A person has a lot of assets available to them to fight for security at
the moment with homeland security and all the government 'initiatives';
hell, the Windows folks have the words of Bill Gates to lean on to make a
point about the importance of protecting the assets of the organization,
be it an edu, com, or org.  What is shocking is that so many didn't pay
full attention to the information available to allow this
bandwidth-spammer to have as dramatic effects as it did.  A good
number of places that were properly prepared were affected by the
many that weren't.  Sadly, some of us are going to be shocked again in
another 6 months when new code cripples large portions of the net for a
few hours or a few days, depending perhaps upon the 'conscience' of
him/her/them that unleashes it and the payload they pack it with...


Thanks,

Ron DuFresne
<it's all politics, but the work you get paid for...>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.
