Fw: Sasser author

["Paolo Mattiangeli" <security () centrodiascolto it>]

----- Original Message ----- 
From: "Paolo Mattiangeli" <pamatt () centrodiascolto it>
To: <full-disclosure () lists netsys com>
Sent: Friday, May 14, 2004 5:41 PM
Subject: Re: [Full-disclosure] Sasser author


> I am responsible for security in a small business' network (50-or-so
> machines, most of them running MS OSs). I have been aware of MSS bulletins
> as soon as they where out, and made sure to apply patches as specified.
> Sasser did nothing to my offices' network. But, on the other hand, I have
a
> single PC at home, one I don't use very much, and I often forget to deal
> with security patches on that machine. Well - would you bet? - I got a
> Sasser infection at home, which caused me the discomfort of a late-night
> session of cleaning, disinfeting, patching and do on. I put the blame on
me,
> of course. But sure I could have spent that night doing something better,
> chat-cheating the wife, reading a book, going to the movies and so on. So
my
> question is: what wrong did al this do to The Microsoft BEAST? It only did
> some wrong to me and my personal life. I could have avoided that, but
can't
> I feel safe at home? Should I be satisfied at thinking that this guy is a
> "social naive" whith no conscience of the consequences of his acts? Isn't
> this what the law is meant for, to protect citizens and business from the
> consequences of other people's acts?
>
> Just another 0.02 worth comment in this thread, that is going stale IMO...
>
> Paolo Mattiangeli

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html