Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/
> -----Original Message----- > From: Perrymon, Josh L. [mailto:[EMAIL PROTECTED] > Sent: Sunday, June 06, 2004 10:36 PM > To: 'Ron DuFresne'; Jerry Heidtke > Cc: Schmehl, Paul L; [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] another new worm submission > > I agree. > > Anyone that would have those ports open has a *lot more to > worry about that cleaning a few worm infections. > That's not the case here. This infection was caused by a > remote user not a Lan user. > With several hundred laptops it's hard have 0 exposure. As > with any growing security practice and today's decreased > budgets areas of focus are determined on risk exposure. > > Anywho- > I found the Trojan to be backdoor.nibu.g- although Symantec > AV didn't pick it up until tonight. > > I think this is a good example that perimeter security is > only part of the battle. > Tomorrow's morning meeting will stress the importance of > desktop firewalls again and a good patch management process. > You can talk until your blue in the face to upper management > but I find 90% to be reactive. > I rest my case. Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
