[rescue] Fair Warning RPC Worm

Daniel de Young daniel at velvetsea.com
Tue Aug 12 13:36:56 CDT 2003


On Tue, 2003-08-12 at 10:42, Kevin wrote:
> That's not entirely true.  Your outside laptop users (assuming you have them as most companies have at least a few) can be a threat.  Your firewall could be right n' tight, but if some luser connects to an ISP with his laptop from home and then becomes infected, then connects up to your internal network the next day, you're screwed.  I patched up all our laptops that actually leave the place yesterday so i'm OK, but this scenario got Carnival Cruise lines just last night.  I'm in favor of putting all my laptop users in the own DMZ, might just do that....

Nothing is a "be all, end all".  Security is a process... blah blah...

BUT...

Installing a firewall is the single most effective step that can be
taken toward warding off these kind of threats.  Literally, there is NO
excuse to not one well positioned in the network.

I'd be looking for another job because that kind of place would just
depress me.  Life is too short.

BTW, that laptop user segment is a great idea!  Could be tough to make
safe though unless your laptop user's needs are basic.  Mostly because
you'd need a default block all (bound for the LAN or Servers).

-Daniel



More information about the rescue mailing list