Full Disclosure mailing list archives
RE: Authorities eye MSBlaster suspect
From: "Henry, Christopher M." <chenry () radiologycorp com>
Date: Fri, 29 Aug 2003 17:17:59 -0400
First of all as any admin or security person would know it is a pain in the ass trying to close all the possible point of infections on a real network. When your company is nation wide and you have mobile users/remote offices/clients who connect via vpn/ptp/frame relay into your network...why don't you try to get in contact with everyone and patch all the PCs. There is just so much you can do, but in the end you can only hope that everyone paid attention to the emails you sent out and applied the patches that you shipped out to them. Blaming the victims is not the thing to do, after all they are just the innocent computer user. It doesn't matter what Micro$oft did or didn't do, they are not the ones who wrote the worm and I bet the admin in the high paying job didn't write it either. As I said you try being the admin of a network larger than a match box and you will see how "easy" it is to secure. -----Original Message----- From: morning_wood [mailto:se_cur_ity () hotmail com] Sent: Friday, August 29, 2003 3:22 PM To: Chris DeVoney; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Authorities eye MSBlaster suspect shouldnt these measures been in place already? instead of rushing on a per-incident basis, you should be implimenting these things anyway. IMHO is prudent to expend some overkill during lockdown and penetration testing on a system when it is deployed or periodically tested, so there is a reduction during a per-incident basis. You still not taking responsibility to the proper party - the admin or security administrator of said computing resource. They are the ones responsible for allowing internet egress into thier networks, a known hostile environment. get educated, take some responsibility for you high paying job, and quit trying to lay the blame elsewhere. Donnie Werner http://e2-labs.com ----- Original Message ----- From: "Chris DeVoney" <cdevoney () u washington edu> To: <full-disclosure () lists netsys com> Sent: Friday, August 29, 2003 10:39 AM Subject: RE: [Full-disclosure] Authorities eye MSBlaster suspect
On Friday, August 29, 2003 8:24 AM, Charles Ballowe wrote:Interesting -- the net cost of the worm is actually a net $0.00. For every penny that a company chalks up as a cost to the worm, some other company must be chalking up the cost as a profit from the worm.Forgive the comment, but that statement is very untrue. As someone else hinted, companies are diverting manpower from other projects to tackle the worm. No other company is benefitting from that expenditure. Then there is the case of academic and medical establishments, of which I can speak from experience. There were some additional costs in
hiring contractors. But the biggest cost was the diversion of (my estimate) hundreds of man-weeks to analyzing, patching, remediating, mitigating these worms from other projects. That wasn't money lost, that was time lost. And the faculty, staff, students, and everyone who
depends on that work loss. I won't go into fuller details, but because of the heavy dependence of
computing in biotechnology and medical fields, these worms and other security problems have a larger societial cost. Most university medical research comes from fixed grants. When you are always trying make those limited resources stretch, diverting money and time to nonsense like this is very, very frustrating. These problems do delay medical research and adds to the cost of medical research without giving human benefits. I wish these misceates would consider those implications before converting a lab server into a warez server when they get hit with a leading-edge or rare illness. cdv ------------------------ Chris DeVoney Clinical Research Center Informatics University of Washington cdevoney () u washington edu 206-598-6816 ------------------------
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Authorities eye MSBlaster suspect, (continued)
- RE: Authorities eye MSBlaster suspect Byron Copeland (Aug 29)
- Re: Authorities eye MSBlaster suspect bitbucket (Aug 30)
- Re: Authorities eye MSBlaster suspect Valdis . Kletnieks (Aug 29)
- Re: Authorities eye MSBlaster suspect Michael D Schleif (Aug 30)
- Re: Authorities eye MSBlaster suspect Paul Schmehl (Aug 30)
- RE: Authorities eye MSBlaster suspect Jason Coombs (Aug 30)
- RE: Authorities eye MSBlaster suspect madsaxon (Aug 30)
- Re: Authorities eye MSBlaster suspect ww (Aug 30)
- Re: Authorities eye MSBlaster suspect Michael D Schleif (Aug 31)
- Re: Authorities eye MSBlaster suspect Michael D Schleif (Aug 30)
- Re: Authorities eye MSBlaster suspect Anthony Saffer (Aug 29)
- Re: Authorities eye MSBlaster suspect Nick FitzGerald (Aug 29)