[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Learn from history?
- To: Full-Disclosure <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Learn from history?
- From: "Serge van Ginderachter (svgn)" <svgn@xxxxxxxx>
- Date: Wed, 5 May 2004 19:09:26 +0200
I work in SME environments. Those guys don't have the resource and money,
nor the knowledge to begin to understand.
It's also about practical stuff.
> 1. Keep informed.
Sure. I'll inform all my 300 customers MS release a bug today, and I'll drop
by to all of them to patch tomorrow.
> 2. Install patches as soon as possible
That would involve runnning Windows Automated Update every night
automagically...
> 2. If a patch cannot be installed, find workarounds
That does not work with the workarounds customer need to facilitate life
(security <> easy of use, remember)
> 3. If it is a port-related threat, find out if such ports are
> in use, and if
> not, make sure they are closed. (Of course there would
Once the virus is on the LAN it can do whatever it wants.
> Some of the comments overheard this week regarding Sasser:
I got a nice one today, when trying to explain why opening OWA directly is
not a nice idea:
"I have a natting router which acts like a firewall and I have anti-virus
software, so what's the problem?"
I did propose some firewall, but they feel it's too much EUREUREUREUR
> Will they learn from history? Only history will tell.
I'm pretty sure they won't. Even most tech guys don't have a clue.
Serge
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html