funsec mailing list archives
Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases
From: Valdis.Kletnieks () vt edu
Date: Thu, 28 Jun 2007 18:08:12 -0400
On Thu, 28 Jun 2007 12:52:09 CDT, Dennis Henderson said:
Did you have to take a week of training to get it to that reasonably safe level? I doubt it. I know you're a very smart guy, but the skill it takes to get XPSP2 IE7
I wouldn't know. I don't swing the Microsoft way. Probably took well over a week of effort to get to a reasonably safe level - but that was because I was busy helping *develop* that level of code and BCP's. Sure, "make sure your network doesn't answer pings to the broadcast address" is a no-brainer *now* - 7 and 8 years ago it was a fight to get it onto people's radar. http://www.sans.org/dosstep/roadmap.php?ref=3801 Yeah, you read that *now* and go "No Shit, Sherlock". But note that (a) back in 2001, the suggestions were deployed rarely enough that we had to make them, and (b) there's *still* sites that haven't gotten the memo. http://momo.lcs.mit.edu/spoofer/summary.php is *still* reporting that a lot of the Internet is doing a piss-poor job of ingress filtering.
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases, (continued)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Gadi Evron (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Nick FitzGerald (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Bill Weiss (Jun 28)
- Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 28)
- Message not available
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 27)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Valdis . Kletnieks (Jun 27)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Valdis . Kletnieks (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dude VanWinkle (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dennis Henderson (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Valdis . Kletnieks (Jun 28)
- Re: [off-list] Re: NZ: Banks Demand a Look Inside Customer PCs in Fraud Cases Dude VanWinkle (Jun 28)