-----BEGIN PGP SIGNED MESSAGE----- On Thu, 24 May 2001, Chip Mefford wrote: > > > Apparently chinese hackers are planning to release a variety of > > > worms in the near future. <snip> > > I would like to ask the question, "What difference does it make?" <snip> > > A sentry standing guard will pay better attention when he knows > hostility is emminent. This may be true, but a sentry will also come to blow off such warnings when they come so frequently and are hyped beyond belief. Right now the security field appears to be inundated with both Chicken Little and the Boy-Who-Cried-Wolf types. General security measures (keeping up with OS and service patches, disabling vulnerable services, using TCP wrappers, avoiding clear-text or predictable authentication mechanisms, appropriately configured firewalls and IDS's, having a sane remote access policy in force) will mitigate the impact of any given worm, short of an outright DoS. Remember that these worms utilize tried-and-true exploits. Those exploits are consistently geared towards vulnerabilities that were identified months (if not *years*) ago. This has been true ever since the 1988 Morris worm. - -Jay ( ( _______ )) )) .- "There's always time for a good cup of coffee" -. >====<--. C|~~|C|~~| (>------ Jay D. Dyson -- jdysonat_private ------<) | = |-' `--' `--' `---- "Get in. Sit down. Hold on. Shut up." ----' `------' -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: See http://www.treachery.net/~jdyson/ for current keys. iQCVAwUBOw1j3NCClfiU/BIVAQF8sgP/ScxVBRj96JimETCCvBYebT2zLzYka+Gv +jkGmVSIhF1ffFYQTq6HJn7ViKSPoxvp9XUpT6draa8AObX+FwB9ukA0uIGTyqId zQ9Sbz5iUGr849Em7u2F58FI8cOP7QNLyLY8zL+TfLdqazLY2LYibhA6pLiQ0hiH ZmGf9dgRdFs= =B1kw -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri May 25 2001 - 09:43:34 PDT