Full Disclosure mailing list archives

RE: Super Worm


From: "Curt Purdy" <purdy () tecman com>
Date: Mon, 19 Apr 2004 14:26:10 -0500

sean01 () accnet com au wrote:
On the other hand....without those dimwits I would be out of a job...God
bless the dill's..

Yeah, but with the problems and the stupidity of end users,
<snip>

Make a good list which people can check for themselves. A knowledge base
maybe with good understandable descriptions of threats and info on new
things which might hit them. If they did not obey the list with checks
they can be held for ignorant, unhelpful, dumb, or any names you can
think of (still stay polite). Prioritize those people by filtering who
is helpful and sticks with the rules, and people who are just simply
ignorant and not willing to learn from what you tell them. In the end
it is their own fault and they have to feel how it is to not be
helped that quickly.

Good points.  I have developed just such a list at our organization.  In
addition to quickly responding to these individuals when they need help,  I
take the extra time to educate them in security including conducting
voluntary classes, put them on an email list that I keep updating with the
latest worms and threats and fixes, and even take extra time to do
one-on-one to make them feel part of the team.  I have even dubbed our group
"the white-hats".

In return, they have taken it to heart and have become my un-official
deputies, keeping their eyes open for security problems from physical (an
unknown person walking around suspiciously or a co-worker pasting their
password on a monitor) to informational (notifying me of a virus getting
through the gateway filter or being able to access something they know they
shouldn't).  I have found that my time spent has paid me back in a user base
(at least part of it) that has become an asset not a liability, as we often
think of them.

Curt Purdy CISSP, GSEC, MCSE+I, CNE, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

