about disclosure of nimda logs

From: lorenzo (lorenzoat_private)
Date: Wed May 08 2002 - 11:01:16 PDT

Next message: Dug Song: "Publishing Nimda Logs == BAD IDEA"

Previous message: Dug Song: "Publishing Nimda Logs == BAD IDEA"
Next in thread: leon: "RE: about disclosure of nimda logs"
Reply: leon: "RE: about disclosure of nimda logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I agree with the fact that on those mailing lists there is a full
disclosure of vulnerabilities; but let us not forget that there is
usually a period of time left to the vendors to fix them.

So, why not allow a period of time after which the logs will be made
public?

The question is: can the owner of the machine be contacted?
If yes, then allow him 2 weeks.
If not, let's say 3 weeks.

I'm saying '3 weeks' because sometimes people don't want to leave
contact information, or their contact e-mail are too spammed - so it's
not necessarily their fault if they cannot be contacted.
But after 3 weeks I assume that every script kiddie in the world will
have the machine's address, so publishing it won't affect too much the
bandwidth.

Opinions?

-- 

lorenzo
lorenzoat_private

Next message: Dug Song: "Publishing Nimda Logs == BAD IDEA"
Previous message: Dug Song: "Publishing Nimda Logs == BAD IDEA"
Next in thread: leon: "RE: about disclosure of nimda logs"
Reply: leon: "RE: about disclosure of nimda logs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 08 2002 - 18:34:53 PDT