North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Even you can be hacked
** Reply to message from Crist Clark <email@example.com> on Thu, 10 Jun 2004 14:54:07 -0700 > > It would be great if there always was a negligent party, but there is > not always one. If Widgets Inc.'s otherwise ultra-secure web server gets > 0wn3d by a 0-day, there is no negligence. Who eats it, Widgets Inc. > or the ISP? > Just out of curiosity, what was the last 0-Day (not that I've heard of any, really) that made itself obvious by chewing up tons of bandwidth? Most of the nasty worms seem to be the ones that either do some efficient social engineering, or exploit a hole MS patched 6 months ago. In any case, I expect it would be negotiated on a case by case basis. But Widgets Inc. would operating from a position of weakness. Regardless of the circumstances, their systems did use the bandwidth. > So how about this analogy: Someone breaks into my house and spends a few > hours on the phone to Hong Kong. Who eats the bill, me or my LD carrier? > Neither of us was negligent. Depends on how nice your LD carrier is - with a police report they might cut you some slack. Otherwise... how many parents have been stuck with the bills for their teenage kids $200+ SMS bills? -- Jeff Shultz A railfan pulls up to a RR crossing hoping that there will be a train.