Full Disclosure mailing list archives
Re: Avoiding being a good admin - was DCOM RPC exploit (dcom.c)
From: "Scott M. Algatt" <salgatt () turtleshell net>
Date: Tue, 29 Jul 2003 14:13:32 -0400 (EDT)
There are other methods of doing patches as well. I know of one company, PatchLink, that does a deployment. You simply install the client software on a system and then it checks into the master server. Configurations such as those could help reduce the maintenance cost of patching. The up front cost of the software and configuration is costly but after that you are running smooth.

This is a software that we recently deployed and it is working great. We are able to see what patches haven't been applied to certain machines. We have our machines split into groups, automatic and manual. This allows for the onsite administrator to decide when they want to patch.

Regards,
Scott M. Algatt

Behold the turtle. He makes progress only when he sticks his neck out.

On Tue, 29 Jul 2003 Valdis.Kletnieks () vt edu wrote:
> On Tue, 29 Jul 2003 10:52:19 EDT, Jason <security () brvenik com> said:
>
> > $15,600 * 83 = $1.3 million in lost time patching
> >
> > Compared to the very conservative 4 million lost otherwise? Add another million to the 1.3 mil to hire contractors and you still save almost 2 million.
>
> $1.3M to patch MS03-023. $1.3M to patch MS03-026. $1.3M to patch MS03-030.
>
> Now you're up to $3.9M, and only saving $100K. *MAYBE*. And if there's another advisory, there goes another $1.3M. If there's 4 advisories a year, it actually makes financial *SENSE* to just say "screw it" and accept the fact that there will be a yearly worm-and-patch-everything party.
>
> Maybe there's a *REASON* that IT security is underfunded - the cost/benefit doesn't work out for the business....
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html