Full Disclosure mailing list archives

Re: Sasser author

From: "morning_wood" <se_cur_ity () hotmail com>
Date: Thu, 13 May 2004 12:48:32 -0700

Sasser violates poorly designed/implemented network infrastructures.


kinda like breaking into a room via a locked door, through a window in
said locked door. The door design does not impliment a proper design 
infrastructure for the intended application.

Jail the mfg of the Door?? i think not.

The door is not of suitible design for the intended security application, sure,
but someone did circumvent the security device ( the lock ) via an exploitable
flaw ( the window). Still a clear case of breaking and entering, not to memtion
circumvention of an access device ( the lock in the door ).

my 2bits.

D. Werner

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Sasser author Earl Keyser (May 13)
- Re: Sasser author Andrew Morris (May 13)
  - Re: Sasser author van Helsing (May 13)
    - Re: Sasser author Tobias Weisserth (May 13)
    - RE: Sasser author Nils Ketelsen (May 14)
    - RE: Sasser author Tobias Weisserth (May 14)
    - Re: Sasser author Paolo Mattiangeli (May 14)
- Re: Sasser author Harlan Carvey (May 13)
  - RE: Sasser author Larry Seltzer (May 13)
    - Re: Sasser author morning_wood (May 13)
- Re: Sasser author Oliver Kellermann (May 13)
  - Re: Sasser author Rodrigo Barbosa (May 13)
    - Re: Sasser author Oliver Kellermann (May 13)
- Re: Sasser author list (May 14)
  - Re: Sasser author Anders B Jansson (May 14)
    - Re: Sasser author list (May 14)
    - Re: Sasser author Anders B Jansson (May 14)
    - Re: Sasser author list (May 16)
- RE: Sasser author ( off thread post about duplicate emails ) Aditya, ALD [Aditya Lalit Deshmukh] (May 14)
  - RE: Sasser author ( off thread post about duplicate emails ) Raymond Dijkxhoorn (May 14)

(Thread continues...)