[Dshield] [RE: [unisog] New (No kidding) RPC Vulnerability]
jsage at finchhaven.com
Sat Sep 13 18:54:40 GMT 2003
Given the discussion here about regulations and licenses and all,
here's an intersting post to the UNISOG list, describing one approach
used in a controlled environment:
----- Forwarded message from "Martin, James E." <martin at foo.net> -----
Date: Wed, 10 Sep 2003 17:02:13 -0500
From: "Martin, James E." <martin at foo.net>
To: "Matt Crawford" <crawdad at boo.gov>, "Dax" <dax at resnet.bar.edu>
Cc: <unisog at sans.org>
Subject: RE: [unisog] New (No kidding) RPC Vulnerability
A downstream campus shut off the dorm ports on the first day back at
school last month, then gave students a choice:
A. They could have a port once they'd been certified as patched to
current stable and virus-free by IT staff, or
B. Users with a non-Microsoft operating system were given a number to
call for immediate port access.
Words cannot express my personal and professional gratitude. :)
From: Matt Crawford [mailto:crawdad at boo.gov]
Sent: Wednesday, September 10, 2003 4:26 PM
Cc: unisog at sans.org
Subject: Re: [unisog] New (No kidding) RPC Vulnerability
> Sooo...good job patching for Blaster everyone...Next!
I was just saying we should set up a table in the Atrium and give every
windows user a choice of CDROMs:
Pick from box A and get all the current windows patches.
Pick from box B and get a localized Red Hat Linux installation.
If you pick from A, come again next week.
----- End forwarded message -----
"Warning: time of day goes back, taking countermeasures."
ABCD, EFGH, IJKL, EmEnOh, Pplus+, Mminus-
ATTENTION: this message is privleged communication. If you read it
even though you aren't supposed to, you're a poopy-head.
More information about the list