RE: A question for the list...

From: King, Brian (BKingat_private)
Date: Wed May 21 2003 - 09:47:47 PDT

Next message: Kevin Reardon: "Re: A question for the list..."

Previous message: Luciano Z: "cisco 7200 performance issue"
Maybe in reply to: Dan Hanson: "A question for the list..."
Next in thread: Kevin Reardon: "Re: A question for the list..."
Reply: Kevin Reardon: "Re: A question for the list..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>Are owners of long term compromised systems really "innocents"?  If
people
>have left systems compromised with worms that are attacking other
networks
>and reports have been ignored for significant amounts of time, then
surely
>the compromised party are guilty of negligence ?
I would say that it depends who is administering the system.  I wouldn't
call a clueless personal user negligent, but it is expected that a
network administrator knows how to patch and protect computer systems
under his/her control.  To be negligent means that the person could fix
the problem but didn't.


>Personally, I think there are merits to some kind of "strikeback"
system,
>but it has worse than dubious legality, and would definitely be abused
>(without a question).  
I agree with you on this.  The question is: would script kiddies see
every network scan as an excuse for anarchy? 

>I think that ISP's need to make a more active role in
>this, and actively threaten to cut off customers whos compromised
systems
>are attacking other networks on the internet.
YES!

>Perhaps rather than a strikeback system, something similar to ARIS
could be
>used to send automated alerts to ISP's warning them that x number of
their
>customers have the latest worm.  In the event that ISP's are
non-compliant,
>and don't deal with their infected customers, peering points could
agree to
>enforce this upon ISP's.
I agree.  The idea about the peering points is dubious, though because
it brings in the idea of civilian enforcement.  Who watches the
watchers, though?  How can we ensure that system isn't abused?  


----------------------------------------------------------------------------
*** Wireless LAN Policies for Security & Management - NEW White Paper ***
Just like wired networks, wireless LANs require network security policies 
that are enforced to protect WLANs from known vulnerabilities and threats. 
Learn to design, implement and enforce WLAN security policies to lockdown enterprise WLANs.

To get your FREE white paper visit us at:    
http://www.securityfocus.com/AirDefense-incidents
----------------------------------------------------------------------------

Next message: Kevin Reardon: "Re: A question for the list..."
Previous message: Luciano Z: "cisco 7200 performance issue"
Maybe in reply to: Dan Hanson: "A question for the list..."
Next in thread: Kevin Reardon: "Re: A question for the list..."
Reply: Kevin Reardon: "Re: A question for the list..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu May 22 2003 - 12:25:16 PDT