Full Disclosure mailing list archives

Re: ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)


From: Andrew Simmons <andrews () mis-cds com>
Date: Tue, 12 Aug 2003 14:06:46 +0100

Chris Garrett wrote:
Richard Stevens:

I must be missing something here... xp home & pro both have a "click
and forget" firewall?
why aren't people using it?


You're talking about the Internet Connection Firewall (ICF)? Firstly, if most
people even knew what a firewall was, then the impact of this worm might not
have been as severe. I'm sure you realize there are a lot of users out there
that bought XP for its "pretty" interface. Those people don't know a firewall
from a hole in the wall. If you tell them it can protect their precious computer
from evil script kiddies, then they might be more interested, but unless you put
that information right in their face, they're not going to bother.


"What's a script kiddie?"
"I don't have anything worth breaking into my machine for"
"I don't care if anyone breaks into my machine"
"what's a packet filter?"
"What's IP?"

etc, etc.

Yes, of course there are answers to these questions... but from an ISP's perspective, it's got to be easier and cheaper to just block the ports and have done with it.



[ snip ]


Of course we could just take the easy way out: How do you secure the Internet?
Kill all its users.


http://blackadder.powertie.org/transcripts/2/1/

Wisewoman: Very well then. Three other paths are open to you. Three cunning
           plans to cure thy ailment.
Edmund:    Oh good.
Wisewoman: The first is simple. Kill Bob!
Edmund:    Never.
Wisewoman: Then try the second. Kill yourself!
Edmund:    No. And the third?
Wisewoman: The third is to ensure that no one else ever knows.
Edmund:    Ha, that sounds more like it. How?
Wisewoman: Kill everybody in the whole world. Ah, ha, ha...!!!


\a


Regards,
Christohper Garrett III
Inixoma, Incorporated












