[Dshield] Microsoft ASN.1

Josh Tolley josh at raintreeinc.com
Fri Feb 13 17:16:05 GMT 2004


I'm not sure that all such claims are necessarily "wild". We recently 
had a Windows machine infected with Welchia before the user even 
finished configuring the OS after a brand new install -- on our 
firewalled and hitherto fairly well protected network at the offce, 
thanks to a user who brought a laptop into the other side of our WAN 
halfway around the world. I realize that he who was installing the 
system shouldn't have connected the machine to the network in the first 
place before patching, but he didn't know that at the time. The point is 
it doesn't take long, and there really is data and lots and lots and 
lots of sad experience to support claims of poorly protected computers 
being infected within minutes of connecting them to anything.

That said, I think what you really meant was something else -- the quote 
you included in your email looks like someone claiming all computers, no 
matter their location or potential value, come under the scrutiny of 
intelligent, malicious, evil plotting hackers within minutes of being 
turned on. I'll agree that such a claim is "wild". But being infected 
with a worm isn't necessarily less damaging than a conniving black hat 
from the perspective of most home users.

Josh Tolley

mark rowlands wrote:

> 
>>"Within the first 10 minutes of hooking up to a home 
>>broadband connection you have been "found" and within the 
>>next 10 minutes attacks have started against your PC". 
>>
> 
> Now I am not saying you shouldn't take all reasonable precautions, what
> I
> am saying is you shouldn't throw wild claims (or clams for that matter)
> around.  It just makes you sound a bit on the deranged side.





More information about the list mailing list