KF_lists wrote:
ISS would like to have you believe otherwise... when I contacted them about the Local SYSTEM escalation in BlackICE we went in circles over the fact that I feel that taking local SYSTEM on a win32 box IS a problem and they don't. They tryed to say some crap like "in all our years in the industry we have never had a customer state that local windows security was a concern... blah blah (paraphrasing)". And something along the lines of "Windows is not a true multi-user system (like unix) so local escalation means nothing."
-KF
*feigned look of surprise*
Then how do they explain trojan horses, adware, and spyware?!?
-Barry
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
