[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <OF41B5CD72.E79A0B21-ON86256E93.0060EA74-86256E93.0061EB90@kohls.com>
From: Bart.Lansing at kohls.com (Bart.Lansing@...ls.com)
Subject: Sasser author
Come on Harlan...
That's just like saying "after al these years of rapes, maybe the victims
would stop being victimized"...to continue on with Larry's analogy.
The locked house analogy is fine too...should my locks maybe be better?
Maybe...but the guy who breaks into my house is the criminal and I am the
victim. In fact, even if I don't lock my house, the guy is still a
criminal.
The author is wrong, period, he is the one who wrote and released it...
It's one thing to continuously, strenuously, lobby for better
software...more effective systems management/administration
policies...better education at the user level...this is a good thing, a
needful thing. It is quite another to excuse a criminal of his behaviour.
I may be stupid if I leave my car window down and my laptop on the car
seat...but you are a thief and a criminal if you steal it.
Bart Lansing
Manager, Desktop Services
Kohl's IT
full-disclosure-admin@...ts.netsys.com wrote on 05/13/2004 10:31:34 AM:
> Come on, Larry...
>
> The first thing in the MS bulletin about Sasser is
> "enable a firewall"...block the port. Slammer was the
> same way.
>
> And yeah, I know about the dial-up and VPN issues, but
> there are designs that protect against infections
> there, was well.
>
> Perhaps after all these years of publishing "best
> practices", maybe the victims would
> stop...well...being victimized.
>
>
> --- Larry Seltzer <larry@...ryseltzer.com> wrote:
> > >>Sasser violates poorly designed/implemented
> > network infrastructures.
> >
> > I think we'd better be careful with all this moral
> > equivocating. Some of it's right up
> > there with "she was wearing provocative clothing."
> > It's obvious who the criminal is and
> > who the victim is.
> >
> > Larry Seltzer
> > eWEEK.com Security Center Editor
> > http://security.eweek.com/
> > http://blog.ziffdavis.com/seltzer
> > larryseltzer@...fdavis.com
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
CONFIDENTIALITY NOTICE:
This is a transmission from Kohl's Department Stores, Inc.
and may contain information which is confidential and proprietary.
If you are not the addressee, any disclosure, copying or distribution or use of the contents of this message is expressly prohibited.
If you have received this transmission in error, please destroy it and notify us immediately at 262-703-7000.
CAUTION:
Internet and e-mail communications are Kohl's property and Kohl's reserves the right to retrieve and read any message created, sent and received. Kohl's reserves the right to monitor messages by authorized Kohl's Associates at any time
without any further consent.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040513/c666b10e/attachment.html
Powered by blists - more mailing lists