[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM WormPropagation (fwd)

To: Chris Garrett <somatose@cox.net>
Subject: Re: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM WormPropagation (fwd)
From: Andrew Simmons <andrews@mis-cds.com>
Date: Tue, 12 Aug 2003 14:06:46 +0100

Chris Garrett wrote:
> Richard Stevens:
> 
>>I must be missing something here... xp home & pro both have a "click
>>and forget" firewall?
>>why aren't people using it?
> 
> 
> You're talking about the Internet Connection Firewall (ICF)? Firstly, if most
> people even knew what a firewall was, then the impact of this worm might not
> have been as severe. I'm sure you realize there are a lot of users out there
> that bought XP for its "pretty" interface. Those people don't know a firewall
> from a hole in the wall. If you tell them it can protect their precious computer
> from evil script kiddies, then they might be more interested, but unless you put
> that information right in their face, they're not going to bother.
> 

"What's a script kiddie?"
"I don't have anything worth breaking into my machine for"
"I don't care if anyone breaks into my machine"
"what's a packet filter?"
"What's IP?"

etc, etc.

Yes, of course there are answers to these questions... but from an ISPs 
perspective, it's got to be easier and cheaper to just block the ports and 
have done with it.

[ snip ]

> 
> Of course we could just take the easy way out: How do you secure the Internet?
> Kill all its users.
> 

http://blackadder.powertie.org/transcripts/2/1/

Wisewoman: Very well then. Three other paths are open to you. Three cunning
            plans to cure thy ailment.
Edmund:    Oh good.
Wisewoman: The first is simple. Kill Bob!
Edmund:    Never.
Wisewoman: Then try the second. Kill yourself!
Edmund:    No. And the third?
Wisewoman: The third is to ensure that no one else ever knows.
Edmund:    Ha, that sounds more like it. How?
Wisewoman: Kill everybody in the whole world. Ah, ha, ha...!!!

\a

> Regards,
> Christohper Garrett III
> Inixoma, Incorporated
> 

The information contained in this message or any of its attachments may be privileged and confidential and intended for the exclusive use of the intended recipient. If you are not the intended recipient any disclosure, reproduction, distribution or other dissemination or use of this communications is strictly prohibited.  The views expressed in this e-mail are those of the individual and not necessarily of MIS Corporate Defence Solutions Ltd.  Any prices quoted are only valid if followed up by a formal written quote.  If you have received this transmission in error, please contact our Security Manager on 44 (0) 1622 723410.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
  - From: "Richard Stevens" <richard@tccnet.co.uk>
- Re: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
  - From: "Chris Garrett" <somatose@cox.net>

Prev by Date: Re: [Full-Disclosure] MSblast worm
Next by Date: Re: [Full-Disclosure] MSblast worm
Prev by thread: Re: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
Next by thread: Re: [Full-Disclosure] ISS Security Brief: "MS Blast" MSRPC DCOM Worm Propagation (fwd)
Index(es):
- Date
- Thread