Tom Lisa wrote: > Hmmm, are IT Gals also easy to recognize??? > > Prof. Tom Lisa, CCAI > Community College of Southern Nevada > Cisco ATC/Regional Networking Academy > "Cunctando restituit rem" > > Priscilla Oppenheimer wrote: > > Evans, Timothy R (BearingPoint) wrote: > > > > I know of several organizations in the Washington / NoVa / MD > > area that were > > effected - the MD Motor Vehicle Administration was offline for > > quite some > > time, for example. > > > > > > Sadly - too many people, many who should know better, assumed > > that as long > > as the "edge" was secured than all was good. Unfortunately it > > only takes > > one laptop (for ex) to break that theory :). > > Makes me wonder about people's security policies. Bringing in a > laptop that > isn't running software approved by IT shouldn't be allowed. This > software > should include patched OSs, anti-virus, and personal firewall. > > Of course, enforcing that is difficult. > > Friday night I was walking by a local bank and noticed that the > ligths were > still on. I had to chuckle when I looked inside and noticed IT guys > hunched > over PCs at the tellers' stations. I'm pretty sure I know what they > were > doing. And yes, IT guys are easy to recognize. You know who you are. > :-) > > Today I went to my favoriate local coffee shop. The public Internet > acccess > PC was turned off with a sign that said, "Not in service due to > virus. Bye, > bye Miss American Pie." Ah, the day the music died. > > This blaster thing is yet another wake-up call. The big one is still > coming. > We are lucky that so far it's been benign tricksters attacking our > networks. > Sorry for the dire warning, but I truly predict a huge failure at > some > point. Argh.... > > > > > > > Luckily - this was/is a very sloppy worm: > > Noisy enough to easily tracedown > > Poor propogation method > > Limited vectors of attack > > No destructive payload > > (don't get me wrong - having a backdoor is bad, but let's say > > it wiped data > > from hardrives 8 hours after infecting them, or performed some > > other > > non-randon act of data destruction) > > ... and, to top it all off, its attempted DoS was to the wrong > > URL and > > was easily sidestepped, although some people caused local RST > > floods on > > their network by attempting to mitigate it incorrectly :) > > It's not just Microsoft that has software bugs! Getting the wrong URL > was an > amazingly stupid bug, but benign. A lot of the infamous worms of the > past > spread unintentionally like wildfire because of software bugs. > > Why is software so hard to get right? Well, I know why. But this has > gotta > change.... > > Priscilla > > > > > > > > > Thanks! > > TJ > > ... not all windows admin's are incompetent > > ... and some are network admins as well :) > > > > -----Original Message----- > > From: Reimer, Fred [mailto:[EMAIL PROTECTED] > > Sent: Saturday, August 16, 2003 4:23 PM > > To: [EMAIL PROTECTED] > > Subject: RE: OT Microsoft worm [7:74045] > > > > For reasons of confidentiality I won't and can't name any > > names, but I am > > aware of several hospitals that were affected pretty > > seriously. Everyone > > here knows that Cisco Call Manager runs on Windows, so imagine > > what happens > > to your entire phone infrastructure if you are running VoIP. > > Network grinds > > to a halt and admitting can't access the applications to admit > > people in the > > ER. Lab orders don't go through, so meds can't be dispersed > > based on the > > results of tests. Everything goes back to a paper fall-back > > scheme until > > the Windows administrators patch the systems like they should > > have done > > weeks ago. > > > > So no, don't assume that even large organizations have a handle > > on things. > > Especially hospitals which are notoriously on the low end as > > far as > > adequately staffing, at the right levels, their IT staff. > > > > One thing I sincerely hope is changed in our lexicon is calling > > Windows > > administrators "network administrators." It makes me > > physically ill, > > because those folks don't "administer" the "network," if > > anything they > > actually do can be classified as competent administration. > > They should be > > called what they are "systems administrators," or, if you want > > to be more > > specific, "Windows administrators." I personally think they > > deserve a > > classification of their own. > > > > All I can say is that the Windows systems that our group has to > > use and is > > responsible for were patched long ago, and did not exhibit any > > issues. > > > > Fred Reimer - CCNA > > > > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > > 30338 > > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > > > > NOTICE; This email contains confidential or proprietary > > information which > > may be legally privileged. It is intended only for the named > > recipient(s). > > If an addressing or transmission error has misdirected the > > email, please > > notify the author by replying to this message. If you are not > > the named > > recipient, you are not authorized to use, disclose, distribute, > > copy, print > > or rely on this email, and should immediately delete it from > > your computer. > > > > > > -----Original Message----- > > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > > Sent: Saturday, August 16, 2003 1:22 PM > > To: [EMAIL PROTECTED] > > Subject: OT Microsoft worm [7:74045] > > > > Just wondering, is this new LOVSAN msblast worm as big as it > > seems to be? > > I've been helping lots of Windows users clean up their > > machines. They all > > had the worm. These are mostly home users. I can't believe they > > would use > > broadband, "always-on" access and not have a firewall, but they > > didn't! > > > > What are you all seeing? Is this a big one? I suppose > > enterprise networks > > are much better protected (hopefully) than the home networks > > I've been > > helping out with. > > > > One has to wonder if the huge power outage could be related. I > > can imagine a > > Windows computer somewhere in Ohio that played a surprisingly > > important role > > in keeping the grid working and had been infected..... But I > > read a lot of > > science fiction. :-) > > > > By the way, the stupid worm is attacking the wrong Microsoft > > URL! So that > > aspect of it isn't going to be as bad as once thought. > > > > Comments? > > > > Priscilla > > **Please support GroupStudy by purchasing from the GroupStudy > > Store: > > http://shop.groupstudy.com > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > **Please support GroupStudy by purchasing from the GroupStudy > > Store: > > http://shop.groupstudy.com > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > > > > > > > > ****************************************************************************** > > The information in this email is confidential and may be > > legally > > privileged. Access to this email by anyone other than the > > intended addressee is unauthorized. If you are not the > > intended > > recipient of this message, any review, disclosure, copying, > > distribution, retention, or any action taken or omitted to be > > taken > > in reliance on it is prohibited and may be unlawful. If you > > are not > > the intended recipient, please reply to or forward a copy of > > this > > message to the sender and delete the message, any attachments, > > and any copies thereof from your system. > > > > ****************************************************************************** > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > I don't think I want to know....
Annlee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74129&t=74045 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
