Full Disclosure mailing list archives
Re: DCOM Exploit MS03-026 attack vectors
From: Ron DuFresne <dufresne () winternet com>
Date: Sat, 2 Aug 2003 18:37:45 -0500 (CDT)
[SNIP]
Bluetooth phones as modems! I have been calling on this issue for some time, and generally received a dismissive response from System Administrators and IT management. No one wants the work load or responsibility this entails. I suppose that if you don't acknowledge the problem's existence, you can't be faulted for lack of due care! If they keep their heads in the sand long enough, somebody is going to find out what Ostrich meat tastes like...
Which is most likely the reason that so many wireless implimentations are setup in such crappy out-of-the-box default installs. And put into production settings that way, no WEP, default ssid's, open dhcp, etc. And often by organizastions that *should* know better! You know, those big companies with the .gov/dod contracts, that fill all the gov/mil sites seats with consultants and such. The industry has a bad track record as a whole with moving new technology into production settings withouth the slightest consideration of how it might iimpact what's already been iin place and tweaked over time to provide some level of security. Of course you then have them danged .edu's, and the state of Texas and how they do things...but, that's a horse been beaten near to death <grin>. Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: DCOM Exploit MS03-026 attack vectors, (continued)
- Re: DCOM Exploit MS03-026 attack vectors Nick FitzGerald (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Brad Bemis (Jul 31)
- RE: DCOM Exploit MS03-026 attack vectors Paul Tinsley (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Jasper Blackwell (Jul 31)
- Re: RE: DCOM Exploit MS03-026 attack vectors Richard Spiers (Aug 01)
- Re: RE: DCOM Exploit MS03-026 attack vectors Geoincidents (Aug 02)
- Re: RE: DCOM Exploit MS03-026 attack vectors Richard Spiers (Aug 01)
- RE: RE: DCOM Exploit MS03-026 attack vectors Parker, Jeff (MSE) (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Bassett, Mark (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Bryan K. Watson (Aug 01)
- Re: DCOM Exploit MS03-026 attack vectors Jeremiah Cornelius (Aug 01)
- Re: DCOM Exploit MS03-026 attack vectors Ron DuFresne (Aug 02)
- RE: DCOM Exploit MS03-026 attack vectors Bryan K. Watson (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Nick FitzGerald (Aug 02)