Full Disclosure mailing list archives

Re: Authorities eye MSBlaster suspect


From: "morning_wood" <se_cur_ity () hotmail com>
Date: Fri, 29 Aug 2003 12:22:19 -0700

Shouldn't these measures have been in place already?
Instead of rushing on a per-incident basis, you should be implementing
these things anyway. IMHO it is prudent to expend some overkill
during lockdown and penetration testing on a system when
it is deployed or periodically tested, so there is a reduction
during a per-incident basis. You are still not taking responsibility
to the proper party - the admin or security administrator
of said computing resource. They are the ones responsible
for allowing internet egress into their networks, a known hostile
environment.

Get educated, take some responsibility for your high-paying job,
and quit trying to lay the blame elsewhere.

Donnie Werner
http://e2-labs.com 






----- Original Message ----- 
From: "Chris DeVoney" <cdevoney () u washington edu>
To: <full-disclosure () lists netsys com>
Sent: Friday, August 29, 2003 10:39 AM
Subject: RE: [Full-disclosure] Authorities eye MSBlaster suspect


On Friday, August 29, 2003 8:24 AM, Charles Ballowe wrote:
Interesting -- the net cost of the worm is actually a net 
$0.00. For every penny that a company chalks up as a cost to 
the worm, some other company must be chalking up the cost as 
a profit from the worm. 

Forgive the comment, but that statement is very untrue. As someone else
hinted, companies are diverting manpower from other projects to tackle the
worm. No other company is benefitting from that expenditure.

Then there is the case of academic and medical establishments, of which I
can speak from experience. There were some additional costs in hiring
contractors. But the biggest cost was the diversion of (my estimate)
hundreds of man-weeks to analyzing, patching, remediating, mitigating these
worms from other projects. That wasn't money lost, that was time lost. And
the faculty, staff, students, and everyone who depends on that work loss.

I won't go into fuller details, but because of the heavy dependence of
computing in biotechnology and medical fields, these worms and other
security problems have a larger societal cost. Most university medical
research comes from fixed grants. When you are always trying to make those
limited resources stretch, diverting money and time to nonsense like this is
very, very frustrating. These problems do delay medical research and add to
the cost of medical research without giving human benefits.

I wish these miscreants would consider those implications before converting a
lab server into a warez server when they get hit with a leading-edge or rare
illness. 

cdv

------------------------
Chris DeVoney
Clinical Research Center Informatics
University of Washington
cdevoney () u washington edu
206-598-6816 
------------------------


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

