RE: Dcom.c - (Shutting it down on 5,000 systems) - a Paul Schmehl Post

["Schmehl, Paul L" <pauls () utdallas edu>]

> -----Original Message-----
> From: Andy Wood [mailto:andy () digitalindustry org] 
> Sent: Tuesday, July 29, 2003 2:22 PM
> To: full-disclosure () lists netsys com
> Subject: [Full-disclosure] Dcom.c - (Shutting it down on 5,000 systems)
- a Paul Schmehl Post
>         (Now that I see the rest of the orig post I'll 
> comment on the IDS part):
 
>        Weak-ass admins ONLY complain that IDS' make work 
> for them AND that they are worthless.....Boo hoo, *we* have 
> to research, *we* have to interpret and *we* have to take 
> action....WAAAAAAAAAAAAAAAAAA.  

>        So, some joe-hacker that has intelligence so far 
> beyond most any-type admin (especially Windows), and he 
> wants into your network.....the complaint is that ya might 
> have to do some analysis? 

No, that wasn't the complaint.  You completely missed the point.  The
original poster stated that IDSes "protect" you.  He even went so far as
to quote from the dictionary the definition of "protect".  I countered
that they do nothing but spew information.  Someone has to do the
analysis and research and so forth.

Never **once** did I **complain** about it.  For someone who claims to
have "creativity", you sure lack basic reading skills.

The rest of your vomit isn't worth responding to.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html