Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: Web sites compromised by IIS attack
From: "joe" <mvp () joeware net>
Date: Sat, 3 Jul 2004 10:22:39 -0400

Heck I wouldn't mind seeing that in just electrical, natural/propane gas,
and water services. Delivery of those products is considered a service.
Getting that in software is a pipe dream if you can't get it in core
services aka utilities such as the ones listed which are considered
"critical".  

I also happen to disagree with your conclusion. I think you would find that
the software service providers would be more focused on setting up rules
under which they will offer you an SLA in terms of what hardware, what
software, who modifies the machine. I have been in the computer support
industry in various ways for quite a while and almost always working with
SLAs. Quality isn't the big thing you see in SLAs, it is holes to get out of
having to perform to the SLA level. Dragging lawyers into the software arena
is not going to help anything. You want to drag lawyers somewhere, consider
some place wet and deep. The legal world is not, in my opinion, making this
a better world to live in. Just more lawsuit prone. 

  joe



-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Gilbert Pilz
Sent: Thursday, July 01, 2004 9:52 PM
To: FULL-DISCLOSURE () lists netsys com
Subject: RE: [Full-disclosure] Web sites compromised by IIS attack


 With a "software as a service model"
*combined* *with* measurable and verifiable service level agreements (where
breaching the agreement results in refunds or other financial penalties) I
think you would find that the service providers would be much more focused
on quality and security because they have a direct financial interest in
making sure the service remains up and operating correctly.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault