Re: no more public exploits and general PoC gui de lines

[Eric LeBlanc <inouk () igt net>]

On Tue, 27 Apr 2004, Jedi/Sector One wrote:

> On Tue, Apr 27, 2004 at 04:05:13PM -0400, kquest () toplayer com wrote:
> > Are you saying that unless there's an exploit
> > that gives you access to the target machine
> > your company wouldn't patch
>
>   It's a matter of priority.
>
>   For most PHBs, proactive security must be very low priority because
> keeping systems up to date doesn't bring any money to the company.

Just to tell your boss that the
worm/DoS/exploit/wathever-that-will-cause-a-severe-damage-on-machines-and-network
will cost them more than keeping their system up to date (with proof).
It's enough to convince them that the patching will save them a *LOT* of
money and time (if the patch don't broke the system of course, especially
with microsoft patches).

If they don't want to understand it.. Well, I want to be there when their
system will have a virus/wathever just to see their face :-)  Oh, it's
possible that the VP of company will tell to you that it's YOUR fault...

E.
--
Eric LeBlanc
inouk () igt net
--------------------------------------------------
UNIX is user friendly.
It's just selective about who its friends are.
==================================================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html