[Dshield] Microsoft ASN.1
josh at raintreeinc.com
Fri Feb 13 17:16:05 GMT 2004
I'm not sure that all such claims are necessarily "wild". We recently
had a Windows machine infected with Welchia before the user even
finished configuring the OS after a brand new install -- on our
firewalled and hitherto fairly well protected network at the offce,
thanks to a user who brought a laptop into the other side of our WAN
halfway around the world. I realize that he who was installing the
system shouldn't have connected the machine to the network in the first
place before patching, but he didn't know that at the time. The point is
it doesn't take long, and there really is data and lots and lots and
lots of sad experience to support claims of poorly protected computers
being infected within minutes of connecting them to anything.
That said, I think what you really meant was something else -- the quote
you included in your email looks like someone claiming all computers, no
matter their location or potential value, come under the scrutiny of
intelligent, malicious, evil plotting hackers within minutes of being
turned on. I'll agree that such a claim is "wild". But being infected
with a worm isn't necessarily less damaging than a conniving black hat
from the perspective of most home users.
mark rowlands wrote:
>>"Within the first 10 minutes of hooking up to a home
>>broadband connection you have been "found" and within the
>>next 10 minutes attacks have started against your PC".
> Now I am not saying you shouldn't take all reasonable precautions, what
> am saying is you shouldn't throw wild claims (or clams for that matter)
> around. It just makes you sound a bit on the deranged side.
More information about the list