Re: [Full-Disclosure] Sasser author

From: Paolo Mattiangeli (pamatt_at_centrodiascolto.it)
Date: 05/14/04

  • Next message: Raymond Dijkxhoorn: "Re: [Full-Disclosure] cyberwar against US ?" 
    To: <full-disclosure@lists.netsys.com>
Date: Fri, 14 May 2004 17:41:01 +0200

    I am responsible for security in a small business' network (50-or-so
    machines, most of them running MS OSs). I have been aware of MSS bulletins
    as soon as they where out, and made sure to apply patches as specified.
    Sasser did nothing to my offices' network. But, on the other hand, I have a
    single PC at home, one I don't use very much, and I often forget to deal
    with security patches on that machine. Well - would you bet? - I got a
    Sasser infection at home, which caused me the discomfort of a late-night
    session of cleaning, disinfeting, patching and do on. I put the blame on me,
    of course. But sure I could have spent that night doing something better,
    chat-cheating the wife, reading a book, going to the movies and so on. So my
    question is: what wrong did al this do to The Microsoft BEAST? It only did
    some wrong to me and my personal life. I could have avoided that, but can't
    I feel safe at home? Should I be satisfied at thinking that this guy is a
    "social naive" whith no conscience of the consequences of his acts? Isn't
    this what the law is meant for, to protect citizens and business from the
    consequences of other people's acts?

    Just another 0.02 worth comment in this thread, that is going stale IMO...

    Paolo Mattiangeli

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Raymond Dijkxhoorn: "Re: [Full-Disclosure] cyberwar against US ?"

    Relevant Pages

    • Re: Active Directory Setup Advice
      ... A domain is really an entity with a single security remit. ... seen as on the same network it will be like one big network. ... Under one domain all machines have to be unique in naming scheme. ... sub domains you can have same names under different domain. ...
      (microsoft.public.windows.server.active_directory)
    • Re: How to access I/O port directly in VC6.0?
      ... As soon as you have standalone machines, ... Their "security" as far as servers was a joke; ... discovered the internal wireless network was completely unencrypted. ...
      (microsoft.public.vc.mfc)
    • Re: Food for Thought
      ... >> What I am talking about are business IS ... >> connect a production network to the 'net in order to provide it. ... but had no security designed into it. ...
      (comp.security.misc)
    • Re: Food for Thought
      ... >> What I am talking about are business IS ... >> connect a production network to the 'net in order to provide it. ... but had no security designed into it. ...
      (comp.os.ms-windows.nt.admin.security)
    • Re: Food for Thought
      ... >> What I am talking about are business IS ... >> connect a production network to the 'net in order to provide it. ... but had no security designed into it. ...
      (microsoft.public.win2000.security)