nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Even you can be hacked

From: "McBurnett, Jim" <jmcburnett () msmgmt com>
Date: Thu, 10 Jun 2004 14:47:32 -0400


Laurence F. Sheldon, Jr. wrote:


Even if the water company is sending me 85% TriChlorEthane?



Right.  Got it.  The victim is always responsible.



There you have it folks.


Ok.
Being resposible as network manager, if I think something is strange and I nor my staff
can fix it. I call for help. Either Vendor support, a good consultant, or community help.

In many cases the Victim always has some portion of responsibilty.

If I leave a Windows 2000 server SP 0 no security fixes on my network, get it hacked and have
a lawsuit cause XYZ company caught a hacker attack from it.... who is the Victim? who is responsible?
This may be exactly what that guy did....

I think Sean sent out the California law reference last year that said the VICTIM of a security
breach must report it to their customers... 

I think we have alot of operational issues that we must look at here..
What do we do?
Many AUP's I have seen would have shut down that customer, if someone complained.....

Does this mean if we go to a for profit bandwidth charge system that we let people destroy others with the worms
they have for money we would get chargeing for the worm attack?


Jim
Previous By Date Next
Previous By Thread Next

Current thread: