Full Disclosure mailing list archives
Re: The worm author finally revealed!
From: Paul Schmehl <pauls () utdallas edu>
Date: 31 Jan 2003 17:50:01 -0600
On Fri, 2003-01-31 at 15:17, yossarian wrote:
What you are advocating, is taking legal action to everyone except the professionals in your dept. too busy to fix their boxes.
I wasn't *advocating* anything. I was trying to highlight how ridiculous some of the demands are when something blows up - like Slammer.
If I add your recent posts up: responsible are the virus makers, the people doing full disclosure, the ISP's, the home users unknowingly or cluelessly running SQL server, maybe MS for making this buggy product, anyone but your beloved admins who get leery, but have no clue: 6 months after the release of the hotfix, someone somehow patched the server just before slammer, and this, not the virus, took down your helpdesk system. Yeah, right.
Yeah, you sure got it. Not!
And to fix the system, it had to be completely rebuild. Did you ask HEAT?
Gosh - that never even occurred to us. :-)
You had no back-ups? No pre-patch test - BTW it was no hotfix but in a service pack, just released - did your people really install an SP without testing?
Sure. We do that all the time. We're those idiots everybody complains about.
No test system - helpdesk systems are generally considered critical, so a back-up system is essential and you can use this for test - just make a disk image first. Can be an older box, if it is not 100% identical the test will not be 100% reliable but it will give you a general idea of the impact of an SP. No roll back scenario. You have no firewall,
Don't assume what you don't know. (You've done enough of that already.) How many systems are you responsible for?
The diff is that I do not tolerate sorry excuses, nor putting the blame on any external party, not from my CISO, nor from my helpdesk. You are too defensive.
And you own what? Exactly? -- Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/~pauls/ AVIEN Founding Member _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: The worm author finally revealed! yossarian (Jan 31)
- <Possible follow-ups>
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)
- Re: The worm author finally revealed! Ron DuFresne (Jan 31)
- Re: The worm author finally revealed! Paul Schmehl (Jan 31)
- Re: The worm author finally revealed! yossarian (Jan 31)
- RE: The worm author finally revealed! Sung J. Choe (Jan 31)
- Re: The worm author finally revealed! yossarian (Feb 01)
- RE: The worm author finally revealed! Schmehl, Paul L (Jan 31)
- RE: The worm author finally revealed! Ron DuFresne (Jan 31)
- Re: The worm author finally revealed! Jonathan Rickman (Jan 31)
- Re: The worm author finally revealed! Douglas F. Calvert (Jan 31)
- Re: The worm author finally revealed! David Howe (Feb 03)
- Re: The worm author finally revealed! David Howe (Feb 03)
- Re: The worm author finally revealed! David Howe (Feb 03)