RE: RE: MS SQL WORM IS DESTROYING INTERNET BLOCK PORT 1434!

[madsaxon <madsaxon () direcway com>]

> For those of you smartass know-it-alls that think you've got the tiger
> by the tail, here's a suggestion for you - volunteer your time to some
> of the local educational institutions.  Pick a non-profit in your local
> area and help them with their network.  Do some fund raising to get them
> the equipment they need.  Or donate the equipment you throw out because
> it's "out of date".  DO something about the problem instead of bitching
> about it in the lists and blaming the poor admins who have no power to
> fix it.

Gentlemen:

It's apparent that this worm has frayed a lot of nerves, and I certainly 
understand
that.  The lazy admin accusation has been leveled many times before, as have
the arguments presented in defense of admins.  The truth, I suspect, is as 
in many
of these situations somewhere in the vast landscape in between the 
extremes.  Some
admins *are* lazy and/or incompetent.  Many of us have fought for years to get
management to realize that systems administration is a profession unto itself,
not a sideline for Joe Bob down in the mail room in between package 
delivery runs.

But I know from personal experience that not only educational institutions, 
but many
others--in scientific fields, for example--are extraordinarily reluctant to 
allow security
on their networks due to the perception that it interferes with the free 
exchange of
data.  "Scientists shouldn't be burdened with such things," they often 
say.  In these
cases convincing the powers that be to let you install even a simple 
software firewall
can make root canal look like a day at the kiddie park.  Often even a 
catastrophe
doesn't do it.  They just lay the blame on the IT staff and retain the 
status quo.  I've
even seen instances in which the security budget was *reduced* following a
catastrophic loss of data because 'it obviously wasn't doing any good to spend
money in that area.'

In short, the issue of ensuring that all boxes get patched for all 
vulnerabilities, while
admittedly more important with each passing day and each increasingly 
destabilizing
incident, is not at all a simple one, no matter how it may look on 
paper.  I don't
honestly know the way to address it most successfully.  But I would be willing
to bet that it will involve education and cooperation among all of us 
concerned with
the fate of the Internet.  I'd also be willing to bet that name-calling 
won't get us there.

Peace, brothers.

m5x



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html