[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
- To: Max Valdez <maxvalde@fis.unam.mx>
- Subject: Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
- From: Valdis.Kletnieks@vt.edu
- Date: Fri, 15 Aug 2003 15:23:49 -0400
On Fri, 15 Aug 2003 10:39:21 CDT, Max Valdez <maxvalde@fis.unam.mx> said:
> Dont talk for others
>
> A lot of people realized and comented that, even news did
> > Nobody gave a shit when windowsupdate.microsoft.com got nailed with CodeRed.
And what actually *CHANGED*?
Yeah, a lot of people may have noticed, but for the most part it was "ooh
that's nice" and people kept moving along. How many people put 2 and 2
together when the NEXT worm came out a few weeks later, the one that left a
wide-open back door, and hassled their local Microsoft representative and
didn't let up until they got a good answer to the question "How do I know the
patches I download are OK?"
Remember in your answer to the above that "because they're signed by us" is
*NOT* a good answer - if you can't think of at least 4 different threat
scenarios given that both hackers and worms have *known* to have been loose on
their corporate net, you're in the wrong business.. ;)
Or did you just pull a Canada Bill, who responed to the question "Bill, don't
you known this game is crooked?" with "Yeah, but it's the only game in town"?
PGP signature