[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Windows Dcom Worm planned DDoS

To: <full-disclosure@lists.netsys.com>
Subject: Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
From: Jeremiah Cornelius <jeremiah@nur.net>
Date: Tue, 12 Aug 2003 09:21:23 -0700

On Tuesday 12 August 2003 06:40 am, Franky Van Liedekerke wrote:

> I guess everybody can implement SUSserver (www.susserver.com): it's a
> local version of a windows update server.
> If you implement this, you can allow only this server access to the
> microsoft update sites, and let everybody else (from within the
> ISP his network) connect to the local update server.

I guess everyone can implement THIS to upgrade Windows:

http://www.tldp.org/HOWTO/KickStart-HOWTO.html

Or even better!  Why should you distribute risky code to every physical point 
in an organization?  Personal OS installs are for laptops.

http://www.ltsp.org/documentation/ltsp-3.0-4-en.html

Microsoft's "Trustworthiness' is running a wee bit thin.  This exploit 
survived their charming little 'code review and profiling' PR episode last 
year - and the 5 month delay of Win2003 for security reasons.

>From a risk perspective, every security manager in the world should be 
weighing the value of including any MS platform or protocol in their trusted 
operations.  Factors in this equation include a vendor who's business 
interests are in potential or active conflict with most of their customers; a 
vendor with a track record of CONSISTANTLY getting the most important things 
wrong 8 out of 10 times; a vendor with a willingness to embed^H^H^H^H^H 
infest server platforms with public keys, for which they maintain the private 
keys. 

This last factor - from any vendor - should present an irrepairable violation 
of Security Policy.  Why worry about trojans on your OS of choice, when the 
OS is itself a trojan? 

-- 
Jeremiah Cornelius, CISSP, CCNA, MCSE

Information Security Technology

email: jcorneli@hotmail.com - mobile: 415.235.7689

"What would be the use of immortality 
to a person who cannot use well a half hour?"

--Ralph Waldo Emerson
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
  - From: Nick FitzGerald <nick@virus-l.demon.co.uk>
- RE: [Full-Disclosure] Windows Dcom Worm planned DDoS
  - From: "Andrew Thomas" <andrew@generator.co.za>
- Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
  - From: Franky Van Liedekerke <liedekef@pandora.be>

Prev by Date: Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
Next by Date: Re: [normal] RE: [Full-Disclosure] Windows Dcom Worm planned DDoS
Prev by thread: Re: [Full-Disclosure] Windows Dcom Worm planned DDoS
Next by thread: RE: [Full-Disclosure] Windows Dcom Worm planned DDoS
Index(es):
- Date
- Thread