Educause Security Discussion mailing list archives

Re: [unisog] DShield and Symantec report MSBlast in wild


From: Gary Flynn <flynngn () JMU EDU>
Date: Tue, 12 Aug 2003 00:43:23 -0400

Edward W. Ray wrote:
> While this is illegal, and no site should be DDoSed off the web, I find the
> fact that the worm slams the M$ site rather amusing :)
>
> So much for Windows 2003 being "Secure by Default."

One hopes that all vendors will learn that shipping a system
with listening ports these days is foolhardy. You can't get
the patches before you get infected/hacked anymore.

And I don't just mean Microsoft. Unix's portmapper and related
RPC services, NTP, plug-n-play, nothing should be turned on by
default that opens a door on the network.

BTW, I wonder what lawyers will make of the fact that Microsoft's
security bulletin says:

"RPC over UDP or TCP is not intended to be used in hostile environments
 such as the Internet"

And it was shipped that way why?

Is it time for a product recall of all defective CDs from registered
owners and the supply chain? Otherwise, consumers go out and buy a new
PC or OS CD, take it home, and promptly get infected.

--
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe
