RE: Worms, Air Gaps and Responsibility

["R. DuFresne" <dufresne () sysinfo com>]

On Fri, 7 May 2004, Thomas W Shinder wrote:

> I don't think "Don't use Windows" is a viable option in the long term.
> Non-Windows OS servers have reached critical mass, especially in the
> enterprise space, making them tasty targets. When non-Windows client
> systems reach critical mass, exploits target against them will surely
> come fast and furious. And unless the non-Windows OSs are "Windows-ized"
> so that someone takes responsibility for fixing them, you'll end up
> having to pay even more to move back to an Microsoft solution, since
> Microsoft will have its security issues handled and the fledgling Linux
> vendors will just be ramping up their IR efforts. 


I think one thing is, we tend to overestimate the main audience for trojan
and virus infections.  Aside from lusers that learn not and click viruses
into the corp env, most companies do or should have a perimiter that
blocks the common infection vector ports.  Thus the main audience for
infections tends to be home dialups and cable modem/DSL users.

Even back in the BBS days, it  was mostly home users that suffered the
results of 'dialup-surfing'.  

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards