Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: No Subject (re: openssh exploit code?)

From: "Robert Ahnemann" <rahnemann () affinity-mortgage com>
Date: Tue, 21 Oct 2003 16:21:27 -0500
Hi Robert,

--- Robert Ahnemann <rahnemann () affinity-mortgage com>
wrote:

I flip to the local radar and get some sort of proof
that there might be
a thunderstorm coming.  Talk is cheap (as was said),
so its up to the
admin to verify if A) there is a real threat B) the
threat applies to
your systems C) the threat damage is worth the
damage of 'unscheduled
downtime'

(for the analogy challenged:  radar = some sort of
proof of concept or
something of the likes)


But would you flip to the radar if the local TV
Weatherman told you to seek shelter and bring the kids
in?  I'd go get the kids first.  CERT being the
weatherman in this case..

Cheers,
Matt


Comparing a random subscriber on a full-disclosure list and CERT is
somewhat of a bad comparison, no?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: