lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040513212004.93275.qmail@web41608.mail.yahoo.com>
From: keydet89 at yahoo.com (Harlan Carvey)
Subject: Sasser author

Rodrigo,

Please go back and re-read my post...particularly:

"And yeah, I know about the dial-up and VPN issues,
but
there are designs that protect against infections
there, was well.
 
Perhaps after all these years of publishing "best
practices", maybe the victims would
stop...well...being victimized."

I know about this scenario...but what I'm saying about
infrastructure designs and "best practices" still
applies.  The scenario you outlined actually makes my
point...not having policies and "best practices" in
place is what keeps biting us in the butt, NOT the
worms and their authors.  And yes, I'm fully aware
that the security guy will say "...we should..." and
someone at the CxO level will say "no, it's too
inconvenient" or "too costly" or some other such
nonsense.  Been there, done that...

These worms are effective in the corporate
infrastructure b/c the people responsible for such
things allow them to be.  Universities are
different...protect the protectable as best as
possible, and let the students fend for themselves
(how about turning on the f/w in XP???).  


> 1) Company has firewalls and security stuff (and
> staff)
> 2) Manager has a notebook
> 3) Manager insist that his notebook should not be
> connected to a 
>    "low security" network segment, cause he wants to
> be on the same
>    network everyone else is, and once he is the
> boss, things will be
>    the way he wants
> 4) Manager forbids the instalation of any "stupid
> software that keeps
>    giving popups every time I want to access the
> internet" (Personal
>    Firewalls)
> 5) Manager connect with his notebook to the internet
> at home
> 6) Manager plugs his notebook back on the company
> network
> 
> 
> How often is this scenary ? I met it at least 3
> times during the
> Sasser infestantion alone.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ