As a security person at a University, I've been dealing with a lot of people over the last few weeks who have had their machine compromised by one of the worms du jour, and I'm beginning to notice a disturbing trend: People *like* being infected by Code Red. You heard me right. People like it. Not the system administrators or the security people who have to do the clean-up work, but the users of the machines. They like it. It's exciting. *They* were infected by the Code Red Worm. It was on the *news* and it effected *them*. They can go home and tell all of their friends and family. Sure, their machine was off the network for a few days because they didn't take care of it, but it's well worth it for the story that they get to tell. Now, that all said, this isn't the case for most of the people we've dealt with -- most people recognize the seriousness of the situation and have handled it professionally. But there are people who have reacted like this. When they do, we politely point out to them that something *bad* has happened to their machine and they need to be more careful. It's probably just human nature and there's nothing we can do about it... but it's something to remember when talking to the media -- if you create excitement about something, people will be excited about it when it happens to them. -Larry --- E. Larry Lidz Phone: (773)702-2208 Sr. Network Security Officer Fax: (773)702-0559 Network Security Center, The University of Chicago PGP: http://security.uchicago.edu/centerinfo/pgpkeys.shtml ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 09:18:51 PDT