From: R. DuFresne (dufresne@sysinfo.com)
Date: Fri Jun 04 2004 - 15:22:25 EDT
On 3 Jun 2004 mak_pen@hotmail.com wrote:
> In-Reply-To: <40BCBB44.7050202@linuxbox.org>
>
> the mere fact that its usb has nothing to do with the attack its self. what is to blame is that autorun is enabled by default on windows XP. that is why the attack works. usb makes it convenient to stick the memmory stick in any computer and have the user just open the memmory stick and the attack works and no antivirus or anything detects this till now.
>
> in short,
> usb = convenience
> autorun = culprit (so to speak)
>
The moderator is unkind to me, but once again, let me try to state;
This is old news though, security 101 kind of stuff. Just because a new
toy comes out does not imply it should not play by the rules of the other
toys in the chest. If this is found in an audit then the company that
hired you has real policy issues for you to outline to them and they will
then need to address.
Thanks,
Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
-- Johnny Hart
testing, only testing, and damn good at it too!
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:55 EDT