Full Disclosure mailing list archives
RE: [inbox] Re: Fw: Sasser author
From: "Exibar" <exibar () thelair com>
Date: Fri, 14 May 2004 19:33:43 -0400
It's not really that simple though. Ok, this guy has 50 or so machines on a (assumed) flat network. He's running Checkpoint-1 firewall and blocking all not-needed ports, etc etc. He feels that because he has a firewall blocking the Sasser ports at the only internet ingress/egress point that he's safe and doesn't care that 90% of those 50 machines aren't patched because "he's safe, he has the ports blocked at the firewall".

WRONG!!! All it takes is his Vice President, who's not patched yet because the admin didn't want to disturb him late on a Friday, to plug his machine into his home internet connection and WHAM, now he's infected but doesn't know it yet. Sure his machine shuts down but he just figures he'll bring it into the office on Monday and ask the admin what he did wrong. Comes Monday morning that VP plugs into the network and infects the entire network in seconds...

Where's your precious firewall only solution going to help now? Oh yah, it'll keep the worm from spreading OUTSIDE the company now.... tsk tsk tsk.... should have patched when he had the chance....

Exibar
-----Original Message-----
From: William Warren [mailto:hescominsoon () emmanuelcomputerconsulting com]
Sent: Friday, May 14, 2004 5:39 PM
Cc: full-disclosure () lists netsys com
Subject: [inbox] Re: Fw: [Full-disclosure] Sasser author

any firewall even the one inside xp would have stopped sasser and you would have been able to patch at your leisure.

Paolo Mattiangeli wrote:

----- Original Message -----
From: "Paolo Mattiangeli" <pamatt () centrodiascolto it>
To: <full-disclosure () lists netsys com>
Sent: Friday, May 14, 2004 5:41 PM
Subject: Re: [Full-disclosure] Sasser author

I am responsible for security in a small business' network (50-or-so machines, most of them running MS OSs). I have been aware of MSS bulletins as soon as they were out, and made sure to apply patches as specified. Sasser did nothing to my offices' network. But, on the other hand, I have a single PC at home, one I don't use very much, and I often forget to deal with security patches on that machine. Well - would you bet? - I got a Sasser infection at home, which caused me the discomfort of a late-night session of cleaning, disinfecting, patching and so on. I put the blame on me, of course. But sure I could have spent that night doing something better, chat-cheating the wife, reading a book, going to the movies and so on. So my question is: what wrong did all this do to The Microsoft BEAST? It only did some wrong to me and my personal life. I could have avoided that, but can't I feel safe at home? Should I be satisfied at thinking that this guy is a "social naive" with no conscience of the consequences of his acts? Isn't this what the law is meant for, to protect citizens and business from the consequences of other people's acts?

Just another 0.02 worth comment in this thread, that is going stale IMO...

Paolo Mattiangeli

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

--
My "Foundation" verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD.