Worm bait?

[jullrich at sans.org (Johannes B. Ullrich)]

> This is very true. BTW: Dvorak (on PC Mag) is making a proposal that all
> PCs be licensed:
> http://www.pcmag.com/article2/0,4149,1224343,00.asp
> 
> Personally, I think Dvorak is an idiot, but he makes a good case for it.

Haha... SANS GIAC Certification for everyone. I am all for it ;-) (see
signature)

On the other hand: I think a lot of the time, the problem is that us
'geeks' set the standard how computers are build. Lets face it. For most
people: "Internet" = "Web". E.g. the recent discussion about Microsoft
enabling 'auto update' by default and ISPs filtering ports. IMHO, if you
don't know how to turn off auto-update, its probably a good idea that it
is turned on ;-)

While I have complained in the past at times about ISPs filtering ports,
I have switched my opinion on that as well. If you know what you are
doing, get a business account or colocate a machine. But once you are
talking about ports like 135, 139, 445... there is no good reason to
route this traffic at all.

Anyway. I am getting into rants here. I recently heard Marcus Ranum
blame the basic concept of "general purpose computing" for a lot of the
security issues. And the more I think about it, the more I have to
agree.  




-- 
SANS - Internet Storm Center
http://isc.sans.org
PGP Key: http://isc.sans.org/jullrich.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.blu.org/pipermail/discuss/attachments/20030820/2fa7d17e/attachment.sig>