[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windo ws

To: "Schmehl, Paul L" <pauls@xxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windo ws
From: Jay Sulzberger <jays@xxxxxxxxx>
Date: Fri, 26 Sep 2003 20:41:02 -0400 (EDT)


On Fri, 26 Sep 2003, Schmehl, Paul L wrote:

> > -----Original Message-----
> > From: Jay Sulzberger [mailto:jays@xxxxxxxxx]
> > Sent: Friday, September 26, 2003 1:31 PM
> > To: Schmehl, Paul L
> > Cc: full-disclosure@xxxxxxxxxxxxxxxx; Jay Sulzberger
> > Subject: RE: [Full-Disclosure] RE: Probable new MS DCOM RPC
> > worm for Windo ws
> >
> > Why should not each and every machine report the status of its files?
> >
> Oh, things like, you don't have sufficient access rights to check file
> properties.

Ah, so you have serious stuff on some of these machines.  Why not then hashes?

>
> I know in the ideal world that every machine logs in to the domain and
> every machine has Domain Admins in the Local Administrator group and
> every machine has the SMS agent (or some similar agent) and reports all
> its properties back to a management console and every machine can be
> controlled remotely, etc., etc., etc., yada, yada, yada.
>
> I just don't know where that ideal world is.
>
> Paul Schmehl (pauls@xxxxxxxxxxxx)

Thanks.

oo--JS.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windo ws
  - From: Schmehl, Paul L

Prev by Date: Re: [Full-Disclosure] Rootkit
Next by Date: Re: [Full-Disclosure] Rootkit
Previous by thread: Re: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windows
Next by thread: RE: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windo ws
Index(es):
- Date
- Thread