Full Disclosure mailing list archives
RE: Avoiding being a good admin - was DCOM RPC exploit (dcom.c)
From: Michal Zalewski <lcamtuf () ghettot org>
Date: Wed, 30 Jul 2003 09:48:23 +0200 (CEST)
On Tue, 29 Jul 2003, Andy Wood wrote:
You're absolutely kidding, right? Downtime doesn't equate to $$$? How wrong can that mentality be? I've seen it first hand without a worm (well, an worthless admin...the same destructive tendencies as a worm)....one system down costing over a hundred thousand because all the people that flew in across the US and various parts of the world could not be given a presentation to do what? Oh so they could pitch why they should be the ones to build the next generation Aircraft Carrier for the US navy.
I think you have misunderstood my post. I'm not trying to claim that outages do not mean losses. But I do oppose the bogus logic of multiplying an average salary by an average number of employees by the number of affected companies to estimate losses. I explictly stated that cases like the one you quote happen. But they are either limited to specific projects, teams, or specific businesses. Outages mean losses, but it's not automatically a total and unrecoverable loss of all productivity of all employees.
As far as less than 100% efficiency....well that's a loss that can be traced to the computer these days....ebay, espn, news, chat, games...nothing new.
It appears to me that you've missed the point. Once again, I suggest reading the original message... You are of course welcome to disagree, but I would feel somewhat better if you could disagree with what I stated, not with an outrageous concept I've never stated and you're trying to imply I had in mind. That said, I don't really want to start a flame war. I stated my point of view, I can accept that others find it flawed. Cheers! -- ------------------------- bash$ :(){ :|:&};: -- Michal Zalewski * [http://lcamtuf.coredump.cx] Did you know that clones never use mirrors? --------------------------- 2003-07-30 09:43 -- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Avoiding being a good admin - was DCOM RPC exploit (dcom.c), (continued)
- RE: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Bojan Zdrnja (Jul 30)
- Re: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) yossarian (Jul 30)
- RE: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Ron DuFresne (Jul 30)
- RE: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Bojan Zdrnja (Jul 31)
- Re: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 29)
- Re: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Scott M. Algatt (Jul 29)
- Re: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Larry W. Cashdollar (Jul 29)
- Re: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Jason (Jul 29)
- RE: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Andy Wood (Jul 29)
- RE: Avoiding being a good admin - was DCOM RPC exploit (dcom.c) Michal Zalewski (Jul 30)