RE: The worm author finally revealed!

[Pipes Cuchifrito <pipes () mutilation org>]

> With regards patching systems: have you ever worked in a *real* operations post? Have you ever had developers of your 
> main product say to you "no you can't upgrade to SP6a as it's break the main engine". No matter how much you beg and 
> plead to get this fixed they don't have the resources. What you gonna say? "Fuck you then I'm unplugging the Live 
> servers"?

If you are working with developers who refuse to patch software for security reasons, then you arnt working in a *real* 
operations post. You are working at a post where you would like to think you are working operations so yes, you 
proberly could get away with unplugging servers. 


> That maybe ok for you with your funky little OpenBSD box at home running nothing that your toolz and acting as a 
> router for your little sister to AIM through, but here in the real world we have to deal with testing cycles, buggy 
> code, patches that don't behave as advertised, uptime clauses in contracts, being forced to run damn Windows because 
> that's what the Management want and having to support some shitty but crucial piece of code written in VB.


Then you arn't payed to do security. Get your contract updated and go back to calling yourself helpdesk. 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html