[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040513195732.GI1624@suespammers.org>
From: rodrigob at suespammers.org (Rodrigo Barbosa)
Subject: Sasser author
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
1) Company has firewalls and security stuff (and staff)
2) Manager has a notebook
3) Manager insist that his notebook should not be connected to a
"low security" network segment, cause he wants to be on the same
network everyone else is, and once he is the boss, things will be
the way he wants
4) Manager forbids the instalation of any "stupid software that keeps
giving popups every time I want to access the internet" (Personal
Firewalls)
5) Manager connect with his notebook to the internet at home
6) Manager plugs his notebook back on the company network
How often is this scenary ? I met it at least 3 times during the
Sasser infestantion alone.
[]s
On Thu, May 13, 2004 at 08:31:34AM -0700, Harlan Carvey wrote:
> Come on, Larry...
>
> The first thing in the MS bulletin about Sasser is
> "enable a firewall"...block the port. Slammer was the
> same way.
>
> And yeah, I know about the dial-up and VPN issues, but
> there are designs that protect against infections
> there, was well.
>
> Perhaps after all these years of publishing "best
> practices", maybe the victims would
> stop...well...being victimized.
>
>
> --- Larry Seltzer <larry@...ryseltzer.com> wrote:
> > >>Sasser violates poorly designed/implemented
> > network infrastructures.
> >
> > I think we'd better be careful with all this moral
> > equivocating. Some of it's right up
> > there with "she was wearing provocative clothing."
> > It's obvious who the criminal is and
> > who the victim is.
> >
> > Larry Seltzer
> > eWEEK.com Security Center Editor
> > http://security.eweek.com/
> > http://blog.ziffdavis.com/seltzer
> > larryseltzer@...fdavis.com
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
- --
Rodrigo Barbosa <rodrigob@...spammers.org>
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAo9MspdyWzQ5b5ckRArZOAKCT0yRo2hLs6dWALlXJguvK3h4DGACgjc8E
B8V0B83GAei8qSBH8RT7cwY=
=mRA+
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists