Re: MS should point windowsupdate.com to 127.0.0.1

["vb" <vb () bitsmart com>]

no, but i do regularly send my users emails with links and attachments with
enticing too-good-to-be-true offers to click on or open the attachment from
a spoofed addy. if they are foolish enough to open it, it pops up 22 browser
windows each one admonishing them about how foolish they were and to never
do this again, the 10 commandments of network security, etc. quite annoynig
but not destructive.  then i have their machine name and ip in the site logs
and i have a talk with them about network and email security. unfortunately,
9 times out of 10 it's someone in upper management who's guilty.

> Actually this brings up an interesting idea. Has anyone ever actually
"broke"
> a machine on purpose as a way to show the users how good they have it and
how
> much trouble it would be for them if they don't cooperate with network
> policies? Sure it's not ethical but it could be quite effective?
>
>
>
>
> On Thursday 14 August 2003 22:18, Schmehl, Paul L wrote:
> > You're not allowed to participate.  Only the geniuses that think they
> > have it figured out already. :-)
> >
> > Paul Schmehl (pauls () utdallas edu)
> > Adjunct Information Security Officer
> > The University of Texas at Dallas
> > AVIEN Founding Member
> > http://www.utdallas.edu/~pauls/
> >
> > > -----Original Message-----
> > > From: Blue Boar [mailto:BlueBoar () thievco com]
> > > Sent: Friday, August 15, 2003 12:15 AM
> > > To: Schmehl, Paul L
> > > Cc: Jeroen Massar; Tobias Oetiker; full-disclosure () lists netsys com
> > > Subject: Re: [Full-disclosure] MS should point
> > > windowsupdate.com to 127.0.0.1
> > >
> > > Schmehl, Paul L wrote:
> > > > I just curious how you geniuses would solve this problem.
> > >
> > > You have a
> > >
> > > > multi-six figure scientific instrument, which is only
> > >
> > > manufactured by
> > >
> > > > one vendor in the entire world.  Your research department
> > >
> > > depends upon
> > >
> > > > that instrument to do research for which they are being funded
> > > > handsomely by grants and expected to produce results.
> > > >
> > > > There's only one problem.  The instrument requires that you run
> > > > Windows 2000 Server with IIS, and the vendor requires that you not
> > > > apply *any* patches post SP2.  The government certifies the
> > >
> > > equipment
> > >
> > > > at a certain patch level, and if the equipment is patched then the
> > > > certification no longer applies, the research is no longer
> > >
> > > funded and
> > >
> > > > you are now staring a six figure boat anchor.
> > >
> > > <snip>
> > >
> > > > 2) Minus points if you say "Don't allow access to the Internet.  It
> > > > *requires* access to the Internet.  (IOW, it has to be able
> > >
> > > to connect
> > >
> > > > to "live" IP address ranges, not private IPs.)
> > >
> > > What *kind* of Internet access?  Any reason I can't put a
> > > firewall or proxy
> > > of some sort between it and the Internet?  Maybe an IDS
> > > running as a router?
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html