Full Disclosure mailing list archives
RE: another new worm submission
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Mon, 7 Jun 2004 20:19:51 -0500
Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/
-----Original Message----- From: Perrymon, Josh L. [mailto:PerrymonJ () bek com] Sent: Sunday, June 06, 2004 10:36 PM To: 'Ron DuFresne'; Jerry Heidtke Cc: Schmehl, Paul L; full-disclosure () netsys com Subject: RE: [Full-disclosure] another new worm submission I agree. Anyone that would have those ports open has a *lot more to worry about that cleaning a few worm infections. That's not the case here. This infection was caused by a remote user not a Lan user. With several hundred laptops it's hard have 0 exposure. As with any growing security practice and today's decreased budgets areas of focus are determined on risk exposure. Anywho- I found the Trojan to be backdoor.nibu.g- although Symantec AV didn't pick it up until tonight. I think this is a good example that perimeter security is only part of the battle. Tomorrow's morning meeting will stress the importance of desktop firewalls again and a good patch management process. You can talk until your blue in the face to upper management but I find 90% to be reactive.
I rest my case. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- another new worm submission Perrymon, Josh L. (Jun 04)
- Re: another new worm submission Axel Pettinger (Jun 04)
- Re: another new worm submission insecure (Jun 04)
- Re: another new worm submission Paul Schmehl (Jun 04)
- Re: another new worm submission Jerry Heidtke (Jun 04)
- Re: another new worm submission Ron DuFresne (Jun 05)
- Re: another new worm submission Paul Schmehl (Jun 04)
- Re: another new worm submission Christoph Gruber (Jun 07)
- Re: another new worm submission Christoph Gruber (Jun 08)
- Re: another new worm submission Christoph Gruber (Jun 08)
- Re: another new worm submission Christoph Gruber (Jun 08)
- <Possible follow-ups>
- RE: another new worm submission Perrymon, Josh L. (Jun 06)
- RE: another new worm submission Schmehl, Paul L (Jun 07)