[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] no more public exploits and general PoC gui de lines
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] no more public exploits and general PoC gui de lines
- From: Eric LeBlanc <inouk@xxxxxxx>
- Date: Wed, 28 Apr 2004 09:35:43 -0400 (EDT)
On Tue, 27 Apr 2004, Jedi/Sector One wrote:
> On Tue, Apr 27, 2004 at 04:05:13PM -0400, kquest@xxxxxxxxxxxx wrote:
> > Are you saying that unless there's an exploit
> > that gives you access to the target machine
> > your company wouldn't patch
>
> It's a matter of priority.
>
> For most PHBs, proactive security must be very low priority because
> keeping systems up to date doesn't bring any money to the company.
>
Just to tell your boss that the
worm/DoS/exploit/wathever-that-will-cause-a-severe-damage-on-machines-and-network
will cost them more than keeping their system up to date (with proof).
It's enough to convince them that the patching will save them a *LOT* of
money and time (if the patch don't broke the system of course, especially
with microsoft patches).
If they don't want to understand it.. Well, I want to be there when their
system will have a virus/wathever just to see their face :-) Oh, it's
possible that the VP of company will tell to you that it's YOUR fault...
E.
--
Eric LeBlanc
inouk@xxxxxxx
--------------------------------------------------
UNIX is user friendly.
It's just selective about who its friends are.
==================================================
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html