Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: AW: [Full-Disclosure] no more public exploits

from [Soderland, Craig] Network Security [Permanent Link]
Subject: RE: AW: [Full-Disclosure] no more public exploits
Date: Wed, 28 Apr 2004 22:10:24 +0200 
-----Original Message-----
From: full-disclosure-admin@lists.netsys.com [mailto:full-disclosure-
admin@lists.netsys.com] On Behalf Of Bernard J. Duffy
Sent: Wednesday, April 28, 2004 3:38 PM
To: full-disclosure@lists.netsys.com
Subject: Re: AW: [Full-Disclosure] no more public exploits


[Soderland, Craig] Much Stuff filtered. 


I would venture to guess that you would not be a happy camper if the
IT organization supporting the systems that process your payroll or
banking applied code fixes without a robust testing procedure.


[Soderland, Craig] I'd be even less happy if my banking institution, or payroll 
department got hacked. A delay in getting to my accounts I can live with, and 
complete cleaning out I cannot. 

The long and short of it is, you can patch, and break something, however if you 
go that route you can also back it out. 

You can not patch, and be at someone else's mercy and perhaps not know what 
they have done or how to fix short of a rebuild. 

Me, well I prefer to maintain the illusion of being the master of my own 
destiny. 

Besides I've seen the time and effort required, if you do get hit, as opposed 
to the time and effort required to patch. I'll take the easy way out and patch. 

----------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners, Harlan Carvey
Next by Date:  RE: [Full-Disclosure] Top 15 Reasons Why Admins Use Security Scan ners, Starford, Christopher D.
Previous by Thread:  Re: AW: [Full-Disclosure] no more public exploits, Bernard J. Duffy
Next by Thread:  RE: AW: [Full-Disclosure] no more public exploits, Ng, Kenneth (US)
Indexes:  [Date] [Thread] [Top] [All Lists]