[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Sasser author

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] Sasser author
From: Harlan Carvey <keydet89@xxxxxxxxx>
Date: Thu, 13 May 2004 09:18:26 -0700 (PDT)

Serge,

I agree with you, as well...but I think at some point,
we (and by "we", I mean the CxOs responsible to the
Boards of companies for the operation and function of
those entities...) really need to start heading "best
practices".  The Principle of Least Privilege wasn't
something that just spang into existance yesterday.

You're right...according to our laws, it is a crime. 
But that doesn't mean that we have to be victims...

--- "Serge van Ginderachter (svgn)" <svgn@xxxxxxxx>
wrote:
> 
> 
> 
> > I agree...to a point.
> > 
> > Sasser violates poorly designed/implemented
> network
> > infrastructures.
> > 
> 
> Correct, but that does not make it less a crime.
> 
> If I forget to lock my car, it does not make it
> right to steal it. I'm
> stupid, yes, and my insurance won't pay me back, but
> it still is a crime.
> 
> 
> Serge
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Sasser author
  - From: Serge van Ginderachter (svgn)

Prev by Date: Re[2]: [Full-Disclosure] Support the Sasser-author fund started
Next by Date: Re: [Full-Disclosure] Support the Sasser-author fund started
Previous by thread: RE: [Full-Disclosure] Sasser author
Next by thread: Re: [Full-Disclosure] Sasser author
Index(es):
- Date
- Thread