Re: Nimda responsibility - Laying appropriately - implied warranty of sale

From: Jay D. Dyson (jdysonat_private)
Date: Fri Sep 28 2001 - 10:30:18 PDT

    -----BEGIN PGP SIGNED MESSAGE-----
    
    On Fri, 28 Sep 2001, Chip Mefford wrote:
    
    > > I see one problem as how to recompense those who have been
    > > harmed. 
    > 
    > How about this, 
    > 
    > Welcome to the Internet;
    > No warranties expressed or implied, 
    > use at YOUR OWN RISK.
    
    	This argument is myopic at best, fundamentally illogical at worst. 
    The people who are running insecure systems are doing little but fouling
    the nest for the rest of us.  I have absolutely no complaint about
    defending my systems...but when the insecurity of other systems renders
    the networks unusable, that's when I draw the line.
    
    	Let me put this in real-life terms: my upstream was infested (not
    just infected...INFESTED) with Code Red since the very start.  After
    getting close to one thousand scans from Code Red systems on the same
    Class B as my own, I made it a point to alert the upstream about the
    problem on a realtime basis (hence, Early Bird).
    
    	Positive results gradually came to pass, but not in sufficient
    quantity by the time Nimda hit on September 18th.  At that point, my
    upstream was overwhelmed by the traffic generated by the worm (courtesy of
    the uncaring and/or incompetent IIS admins).  ARP storms turned into
    blizzards; routers began crashing faster than they could be brought up. 
    
    	And the "solution" of the upstream?  All traffic on port 80 --
    both inbound and outbound -- was BLOCKED. 
    
    	So, thanks to a bunch of uncaring (if not incompetent) admins who
    couldn't manage their own systems, *my* systems were knocked off the 'net
    for close to 24 hours.  Mind you, NONE of my systems were vulnerable; NONE
    were infected; NONE were spreading the worm.  Even so, both myself and my
    users (not to mention the security teams for which I work) had to suffer
    the blackout that was wholly the end product of the [in]actions of the
    incompetents.
    
    	Anyone who argues that the innocent should pay the price for the
    conduct of the guilty should get their head examined.  Normally, I would
    gladly volunteer to perform this task, but my chainsaw is presently out
    for maintenance. 
    
    - -Jay
    
      (    (                                                         _______
      ))   ))   .-"There's always time for a good cup of coffee."-.   >====<--.
    C|~~|C|~~| (>------ Jay D. Dyson - jdysonat_private ------<) |    = |-'
     `--' `--'  `--------------- rm -rf /bin/laden ---------------'  `------'
    
    
    



    This archive was generated by hypermail 2b30 : Fri Sep 28 2001 - 10:40:48 PDT