[Dshield] Secure computing (was: Port 135)

keithtarrant@spamcop.net keithtarrant at spamcop.net
Mon Oct 28 22:13:16 GMT 2002


> Frustration over that people try to solve every computer problem
> with firewalls and laws. In this case (spam by windows message
> server) I see that the source of the problem as (yet again) bad
> implementation from Microsoft. So why is noone complaining? Fix
> the real problem don't make a workaround. (Or rather make them
> fix the problem).

What laws?  There have been no effective laws enacted.

We've had 20 years of no laws but rather consent standards with no teeth,
and few firewalls installed on a voluntary basis -- and look where we are.

Clearly the time for that experiment has runs its course.

People are trying to use the Internet in production, but in reality the
Internet is just in beta test with organizations playing around seeing how
little they can do (and by "organizations" I mean organizations, not
simply academic organizations).

> We trust that our machines are
> patched and as secure as we can make them (but still
> operational).

The new security patches you applied last week -- they weren't on two
weeks ago were they.

So two weeks ago your system wasn't secure was it.

The basic principle of security is defense in depth.  Do not depend on any
one thing because an attacker can defeat it unexpectedly, and be in, and
you won't have any chance of stopping them.

- Keith





More information about the list mailing list