Re: [Full-Disclosure] Support the Sasser-author fund started
Date: Thu May 13 2004 - 17:32:37 EDT
On Thu, 13 May 2004 11:32:17 PDT, Micah McNelly <micah@style.net> said:
> I wonder if people forget the liability that any organization inherits if
> they do NOT maintain a above standard protection scheme for their
> network/hosts.
One of the problems there is the lack of a widely accepted "minimum due care"
best practices document for you to be above. The Center for Internet Security
(http://www.cisecurity.org) has been trying to address that, and slowly making
some progress and buy-in.
(ObFullDisclosure: I'm biased, I helped develop the Solaris and Linux ones....)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
This archive was generated by hypermail 2.1.8 : Thu May 13 2004 - 22:05:25 EDT
