Full Disclosure mailing list archives

Re: Web sites compromised by IIS attack

From: "Aditya, ALD [ Aditya Lalit Deshmukh ]" <aditya.deshmukh () online gateway technolabs net>
Date: Thu, 1 Jul 2004 11:08:55 +0530

Right. But we also need better methodologies for vendors to fix their
products. The emphasis here is on "the vendor fixing the broken
product". It should not be a burden on the consumer, but on the vendor.


Like I said, Do you REALLY want a vendor to install patches for you?


i would never trust any patch from red hat / sun system / microsoft  without actually testing it on a sacrificial lamb 
before going in production use. 



ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
éb½êÞvë"axZÞx÷«²ÚGb¶*'¡ó[kj¯ðÃæj)mªÿrÿ

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Web sites compromised by IIS attack Frank Knobbe (Jun 30)
- Re: Web sites compromised by IIS attack Paul Schmehl (Jun 30)
  - Re: Web sites compromised by IIS attack Frank Knobbe (Jun 30)
    - Re: Web sites compromised by IIS attack Denis Dimick (Jun 30)
    - Re: Web sites compromised by IIS attack Aditya, ALD [ Aditya Lalit Deshmukh ] (Jun 30)
  - Re: Web sites compromised by IIS attack Denis Dimick (Jun 30)
  - Re: Web sites compromised by IIS attack (fully off topic!) Aditya, ALD [ Aditya Lalit Deshmukh ] (Jun 30)
  - Re: Web sites compromised by IIS attack Valdis . Kletnieks (Jul 01)
    - Re: Web sites compromised by IIS attack Raj Mathur (Jul 01)
    - Re: Web sites compromised by IIS attack Maarten (Jul 01)
    - Re: Web sites compromised by IIS attack Akos Szalkai (Jul 05)
- Re: Web sites compromised by IIS attack Denis Dimick (Jun 30)
- <Possible follow-ups>
- RE: Web sites compromised by IIS attack Stuart Fox (DSL AK) (Jun 30)
  - RE: Web sites compromised by IIS attack Denis Dimick (Jul 01)
    - RE: [OT] Web sites compromised by IIS attack Eric Paynter (Jul 01)

(Thread continues...)