Full Disclosure mailing list archives

RE: Learn from history?


From: "Serge van Ginderachter (svgn)" <svgn () orbid be>
Date: Thu, 6 May 2004 11:12:24 +0200






1.  Microsoft already provides that feature

Sure. You have no problem about running it automatically?

2.  As soon as possible for "you"

No. As soon as the customer phones asking you to drop by. Meaning: when it's
too late.
 
2. If a patch cannot be installed, find workarounds
That does not work with the workarounds customers need to facilitate
life (security <> ease of use, remember)

And the computers/networks will be so easy to use when lines are saturated,
file systems are corrupted or data are stolen

That's the problem they are prepared to deal with at the moment it comes.
They think it's cheaper.
 
3. If it is a port-related threat, find out if such ports are 
in use, and if not, make sure they are closed. 
Once the virus is on the LAN it can do whatever it wants.

Hello!  Block the ports BEFORE they hit the LAN.  Proactive security.
Also, do us a favor and don't propagate the shit!

Well of course they are blocked. But there are other means of coming in you
know.

Some of the comments overheard this week regarding Sasser:
I did propose some firewall, but they feel it's too much EUREUREUREUR

And you provided some sort of analysis showing potential losses due to
the lack of a security infrastructure, right?  

Well indeed of course not. Customer is not prepared to pay for that kind of
analysis. 
 
Will they learn from history? Only history will tell.
I'm pretty sure they won't. Even most tech guys don't have a clue.

Evidently, thanks for your example.

There's no reason to get personal here. Don't judge me on such a restraint
discussion.
My only point is, SMB businesses are not prepared to pay for advanced
security, which you say I should provide, and to which I totally agree.

Maybe my boss does not have the right business plan and marketing to 'sell'
security. Probably.


Serge

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

