[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Sasser author

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Sasser author
From: "morning_wood" <se_cur_ity@xxxxxxxxxxx>
Date: Thu, 13 May 2004 12:48:32 -0700

> >>Sasser violates poorly designed/implemented network infrastructures.

kinda like breaking into a room via a locked door, through a window in
said locked door. The door design does not impliment a proper design 
infrastructure for the intended application.

Jail the mfg of the Door?? i think not.

The door is not of suitible design for the intended security application, sure,
but someone did circumvent the security device ( the lock ) via an exploitable
flaw ( the window). Still a clear case of breaking and entering, not to memtion
circumvention of an access device ( the lock in the door ).

my 2bits.

D. Werner

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Sasser author
  - From: Larry Seltzer

Prev by Date: Re: [Full-Disclosure] Support the Sasser-author fund started
Next by Date: RE: [Full-Disclosure] FW: Unique Logo demonstrates Personality of Your Business
Previous by thread: RE: [Full-Disclosure] Sasser author
Next by thread: Re: [Full-Disclosure] Sasser author
Index(es):
- Date
- Thread