Dailydave mailing list archives
Re: Ah, oo, uh, ie.
From: Bryan Burns <bburns () juniper net>
Date: Thu, 30 Mar 2006 15:01:08 -0800
I'm sure your tongue is somewhat in your cheek so I hope I'm not being too pedantic, but saying "who cares" about shutting down malicious sites is a bit like saying "who cares about arresting petty criminals with handguns when you can be killed by snipers with fancy rifles." It's true that shutting down these malicious sites doesn't fix the vulnerability or make targeted attacks any less likely, but it does reduce the overall probability that joe user will be donating his DSL line to a botnet for the foreseeable future. Solving 50% of the problem isn't as good as solving 100% of the problem, but it's a lot better than solving 0%.. When dealing with the messy real world, you can't let the perfect be the enemy of the good. -Bryan On 3/30/06 2:40 PM, "Dave Aitel" <dave () immunityinc com> wrote:
The main funny think MSRC said to me this week was that they've been tracking down web sites that have the exploit on them, and shutting them down with law enforcement. Who cares, when you can get hit by a targeted attack? Not every attack is just blindly smacking down random grandmothers, although if you read MSRC, the sultry female british accent would quickly convince you that was the case.
Current thread:
- Ah, oo, uh, ie. Dave Aitel (Mar 30)
- Re: Ah, oo, uh, ie. Bryan Burns (Mar 30)
- Re: Ah, oo, uh, ie. H D Moore (Mar 31)
- <Possible follow-ups>
- Ah, oo, uh, ie. Williams, James K (Mar 31)