[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] No Subject (re: openssh exploit code?)

To: "Montana Tenor" <montanatenor@yahoo.com>
Subject: RE: [Full-Disclosure] No Subject (re: openssh exploit code?)
From: "Robert Ahnemann" <rahnemann@affinity-mortgage.com>
Date: Tue, 21 Oct 2003 16:21:27 -0500

> Hi Robert,
> 
> --- Robert Ahnemann <rahnemann@affinity-mortgage.com>
> wrote:
> > I flip to the local radar and get some sort of proof
> > that there might be
> > a thunderstorm coming.  Talk is cheap (as was said),
> > so its up to the
> > admin to verify if A) there is a real threat B) the
> > threat applies to
> > your systems C) the threat damage is worth the
> > damage of 'unscheduled
> > downtime'
> >
> > (for the analogy challenged:  radar = some sort of
> > proof of concept or
> > something of the likes)
> 
> But would you flip to the radar if the local TV
> Weatherman told you to seek shelter and bring the kids
> in?  I'd go get the kids first.  CERT being the
> weatherman in this case..
> 
> Cheers,
> Matt

Comparing a random subscriber on a full-disclosure list and CERT is
somewhat of a bad comparison, no?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] No Subject (re: openssh exploit code?)
Next by Date: [Full-Disclosure] RE: IE6 & Java 1.4.2_02 applet: Hardware stress on floppy drive
Previous by thread: RE: [Full-Disclosure] No Subject (re: openssh exploit code?)
Next by thread: [Full-Disclosure] Potential DoS in WinSyslog/MonitorWare Agent Interactive Syslog Server
Index(es):
- Date
- Thread