[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200401192332.i0JNWUw13045@singularity.tronunltd.com>
From: itsecurity at mq.edu.au (ITSecurity Officer)
Subject: RE: new outbreak warning - Bagle
> How many companies allow *.exe attachments @ the perimeter? Then allow 6777
> outbound.
Those would be the two really good reason why University's see this
traffic between the first and the second post of the virus diagnostic
messages. Between "it exists" and "it does this" .. its too late.
> I'm speculating that small shops / home users are the largest targets. But
> *shouldn't* enterprise
> solutions stop this.
Your presumption is that all enterprises have enterprise security
solutions. Silo budget allocations make for sporadic bursts of point
purchases/solutions that have little impact in the net risk position
of the entity as a whole. Definitely the best example, outside of
government, that regional politics influences international security.
I am happy to have read a few postings on this list, in the past
week, that show some organisational maturity. Some of the most
valuable information security work that is under-exposed is the
Investment and ROI strategies for information security expenditure.
It is very hard to sell security to an organisational entity who's
primary objective is not to make money, who directly associates
information with "A4", and who remembers the internet as being
"that funny little project we dabbled in 15-20 years ago".
Organisational culture (and change) is the biggest security issue
that I've ever had to resolve, in my professional security career.
And its a hell of a lot more "challenging" than the next piece of
mobile vbscript .. (when are we going to see some mutation code
in some of these wsh apps?)
I can't say I've seen anything off-topic on this list ... regrettably,
though, whlie I would like to be on the official list of the top 3 or 4
arseholes that was published recently, I don't get time to post as
often as I would like ...
I do want to get back to this list about some oddity that I'm seeing
out of Internet Explorer, that I think *may* ultimately allow cross-
zone exploits.
--
Ian Latter
IT Security Officer
Macquarie University
Powered by blists - more mailing lists