Re: [Full-Disclosure] Authorities eye MSBlaster suspect

From: morning_wood (se_cur_ity_at_hotmail.com)
Date: 08/29/03

    To: "Chris DeVoney" <cdevoney@u.washington.edu>, <full-disclosure@lists.netsys.com>
    Date: Fri, 29 Aug 2003 12:22:19 -0700
    
    

    Shouldn't these measures have been in place already?
    Instead of rushing on a per-incident basis, you should be implementing
    these things anyway. IMHO it is prudent to expend some overkill
    during lockdown and penetration testing on a system when
    it is deployed or periodically tested, so there is a reduction
    during a per-incident basis. You are still not taking responsibility
    to the proper party - the admin or security administrator
    of said computing resource. They are the ones responsible
    for allowing internet egress into their networks, a known hostile
    environment.

    Get educated, take some responsibility for your high-paying job,
    and quit trying to lay the blame elsewhere.

    Donnie Werner
    http://e2-labs.com

    ----- Original Message -----
    From: "Chris DeVoney" <cdevoney@u.washington.edu>
    To: <full-disclosure@lists.netsys.com>
    Sent: Friday, August 29, 2003 10:39 AM
    Subject: RE: [Full-Disclosure] Authorities eye MSBlaster suspect

    > On Friday, August 29, 2003 8:24 AM, Charles Ballowe wrote:
    > > Interesting -- the net cost of the worm is actually a net
    > > $0.00. For every penny that a company chalks up as a cost to
    > > the worm, some other company must be chalking up the cost as
    > > a profit from the worm.
    >
    > Forgive the comment, but that statement is very untrue. As someone else
    > hinted, companies are diverting manpower from other projects to tackle the
    > worm. No other company is benefitting from that expenditure.
    >
    > Then there is the case of academic and medical establishments, of which I
    > can speak from experience. There were some additional costs in hiring
    > contractors. But the biggest cost was the diversion of (my estimate)
    > hundreds of man-weeks to analyzing, patching, remediating, mitigating these
    > worms from other projects. That wasn't money lost, that was time lost. And
    > the faculty, staff, students, and everyone who depends on that work lost.
    >
    > I won't go into fuller details, but because of the heavy dependence of
    > computing in biotechnology and medical fields, these worms and other
    > security problems have a larger societal cost. Most university medical
    > research comes from fixed grants. When you are always trying to make those
    > limited resources stretch, diverting money and time to nonsense like this is
    > very, very frustrating. These problems do delay medical research and add to
    > the cost of medical research without giving human benefits.
    >
    > I wish these miscreants would consider those implications before converting a
    > lab server into a warez server when they get hit with a leading-edge or rare
    > illness.
    >
    > cdv
    >
    > ------------------------
    > Chris DeVoney
    > Clinical Research Center Informatics
    > University of Washington
    > cdevoney@u.washington.edu
    > 206-598-6816
    > ------------------------
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

