Tim Mullen, 2003-02-03
With the Slammer worm network security becomes literally a matter of life and death. Where do we go from here?
Colapse all |
Post comment
Something Needs to Change
2003-02-03
SamJ (1 replies)
SamJ (1 replies)
Another of the level headed, informative, and factual articles that i have come to expect from you, Tim. It is really nice to see someone put things in the proper perspective. Security really is a balance, and more people should learn that rather than immediately pointing fingers and blaming MS. ...
[ more ] [ reply ]
[ more ] [ reply ]
Something Needs to Change
2003-02-05
Anonymous
Anonymous
Here Here! Dev got into trouble over here as well. It was really the firewall guy's fault. There is no freaking reason at all that UDP 1434 should have been let in. As of today, all they have done is filtered destination 1434. They still have not learned their lesson, but I have forwarded this ar...
[ more ] [ reply ]
[ more ] [ reply ]
Something Needs to Change
2003-02-03
Anonymous
Anonymous
I think the biggest problem is the small one man shows. I think everyone has been there at one time or another. A company hires on a greenhorn because he is cheep to hire and hope he knows what to do. This has two outcomes, one he sucks and they fire him. The other is he enjoys his work and excels. ...
[ more ] [ reply ]
[ more ] [ reply ]
Something Needs to Change
2003-02-04
Robert Campbell : robert.campbell@ecommnet.co.uk
Robert Campbell : robert.campbell@ecommnet.co.uk
Well done Tim the only other commentator to raise the leaky firewall issue.
I can't agree more with the need to identify the real Strategic issues involved, and work with all within the industry and Politics to develop enforcable best practice before either a) the network gets taken out for real or...
[ more ] [ reply ]
I can't agree more with the need to identify the real Strategic issues involved, and work with all within the industry and Politics to develop enforcable best practice before either a) the network gets taken out for real or...
[ more ] [ reply ]
911 emergency response system
2003-02-04
Anonymous (2 replies)
Anonymous (2 replies)
This sounds like pure bullshit. If in fact this hicktown in WA has plugged their 911 emergency response system into the internet to save dollars, they should be investigated by the authorities. A one in a million worm creating congestion is nothing compared to the daily outages and normal congestio...
[ more ] [ reply ]
[ more ] [ reply ]
911 emergency response system
2003-02-04
Anonymous HoGr
Anonymous HoGr
Tim told me that the 911 system itself was not connected to the net, but rather, it was the city itself that was completely hosed when they got infected. The emerg unit could not get to the city systems at all. ALL Bellvue systems were hosed up- the police, administration, everything. 911 was jus...
[ more ] [ reply ]
[ more ] [ reply ]
911 emergency response system
2003-02-09
Anonymous
Anonymous
Well, for one, they shouldn't have even picked M$ products in the first place. With all the publicity and hoopla of all the M$ exploits out there, it is evident that perhaps people should re-consider even issuing M$ products.
We switched over to Apache and OpenBSD servers 2 years ago, and w...
[ more ] [ reply ]
We switched over to Apache and OpenBSD servers 2 years ago, and w...
[ more ] [ reply ]
4617 bytes... Something Needs to Change
2003-02-04
shawn (2 replies)
shawn (2 replies)
four-thousand six-hundred seventeen bytes...
that's how much space it took for Mr. Mullen to not really say anything at all......
[ more ] [ reply ]
that's how much space it took for Mr. Mullen to not really say anything at all......
[ more ] [ reply ]
4617 bytes... Something Needs to Change
2003-02-04
Byter (1 replies)
Byter (1 replies)
LoL...yeah...nothing new in the article, everyone has said the same thing over and over and over and over and over......
[ more ] [ reply ]
[ more ] [ reply ]
4617 bytes... Something Needs to Change
2003-02-05
Anonymous
Anonymous
I disagree. Most things I read just blame MS and their poor patch. I think tim is right on the money about management not letting us do our jobs- no one is saying that over and over. And nobody had reported on the fact that someone could have died. That is scary. The legal implications tim rais...
[ more ] [ reply ]
[ more ] [ reply ]
Something Needs to Change
2003-02-05
blacklight (1 replies)
blacklight (1 replies)
The only approach to security that works is a disciplined, methodical, unsentimental approach: (1) disciplined - there must be standardized procedures and methodologies. Any exception must be known, justified, documented and automatically removed once the justification is gone; (2) methodical - eve...
[ more ] [ reply ]
[ more ] [ reply ]
Something Needs to Change
2003-02-05
RobJ (1 replies)
RobJ (1 replies)
Dear BlackLight,
Apparently you just started using MS products yesterday? You said in short, MS should provide whitepapers detailing how to secure their products. Have you heard of Technet? Have you ever read a Knowledge Base article? There is no shortage what-so-ever of documentation to secure...
[ more ] [ reply ]
Apparently you just started using MS products yesterday? You said in short, MS should provide whitepapers detailing how to secure their products. Have you heard of Technet? Have you ever read a Knowledge Base article? There is no shortage what-so-ever of documentation to secure...
[ more ] [ reply ]
Something Needs to Change
2003-02-06
Anonymous (1 replies)
Anonymous (1 replies)
In fact, there is an entire site specifically dedicated to just that... whitepapers.
http://www.microsoft.com/serviceproviders/whitepapers/defaul
t.asp
That is to say nothing of http://www.microsoft.com/technet/
OR
http://www.microsoft.com/security/
BlackLight - If you are going to pos...
[ more ] [ reply ]
http://www.microsoft.com/serviceproviders/whitepapers/defaul
t.asp
That is to say nothing of http://www.microsoft.com/technet/
OR
http://www.microsoft.com/security/
BlackLight - If you are going to pos...
[ more ] [ reply ]
Something Needs to Change
2003-02-08
blacklight
blacklight
Dear Folks,
I am an MCSE and I do hold MCP certifications for MS SQL Server 6.5, MS Proxy Server 2 and MS Exchange Server 5.5 - I would have gone for the IIS4 certification had it not been canceled. In addition, I have read thousands of pages of Microsoft documentation over the years including Te...
[ more ] [ reply ]
I am an MCSE and I do hold MCP certifications for MS SQL Server 6.5, MS Proxy Server 2 and MS Exchange Server 5.5 - I would have gone for the IIS4 certification had it not been canceled. In addition, I have read thousands of pages of Microsoft documentation over the years including Te...
[ more ] [ reply ]
Something Needs to Change
2003-02-06
Anonymous
Anonymous
From the article: "The problem is that most management teams don't give IT the resources it needs to do its job, or the power to set and enforce policy when it comes to securing the services your business units dictate must be available."
Yeah, YOU tell the CEO or the President of your company, o...
[ more ] [ reply ]
Yeah, YOU tell the CEO or the President of your company, o...
[ more ] [ reply ]
Sure Something Needs to Change your NOS
2003-02-13
I D ten T for staying with MS
I D ten T for staying with MS
Until your willing to change your network operating system to a more stable product it's going to be business as usual. Bill doesn't care, he wants you to upgrade in a few months so he can get more of your money, promise you a better more stable product that opens another can of worms...
Haven't...
[ more ] [ reply ]
Haven't...
[ more ] [ reply ]
There's a reason military and some commercial (e.g. nuclear reactors) control centers use dedicated lines.
The Internet is not a safe place. That...
[ more ] [ reply ]