Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Web sites compromised by IIS attack
From: "Aditya, ALD [ Aditya Lalit Deshmukh ]" <aditya.deshmukh () online gateway technolabs net>
Date: Thu, 1 Jul 2004 11:08:55 +0530

Right. But we also need better methodologies for vendors to fix their
products. The emphasis here is on "the vendor fixing the broken
product". It should not be a burden on the consumer, but on the vendor.

Like I said, Do you REALLY want a vendor to install patches for you?

i would never trust any patch from red hat / sun system / microsoft  without actually testing it on a sacrificial lamb 
before going in production use. 


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]