Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•	Microsoft researchers test microblogging service
•	Desktop Virtualization: Microsoft, VMware in Cost Smackdown
•	Ethernet switches, routers, Wi-Fi on the upswing
•	Palm Prime for Acquisition
•	8 things you didn't know about Windows Phone 7
•	Multicore requires OS rework, Windows architect advises
•	Novell's Pulse enterprise 2.0 suite goes beta next week
•	Qwest CEO's pay package rises 6%
•	EMC chief's pay drops 23% to $9 million
•	Judge approves Facebook's settlement offer in Beacon case
•	National broadband plan: What’s in it for businesses?
•	Mobile developers take measure of Windows Phone 7
•	Comcast, ISC offer IPv6 transition tool
•	New Cisco Ethernet switches to play broader video, security roles
•	Windows XP: No IE9 for you
•	More breaking news

Applications /

Compendium /

Trivializing Bugtraq

By Adam Gaffin
Network World Fusion 10/25/04

David Piscitello says he is getting more and more annoyed with Bugtraq reports that have absolutely nothing to do with enterprise security - to the point where he's written to some of the bug finders to ask why he should care about the flaw they found:

The exchange I had with one wannabe who posted a report of a buffer overflow in a 2001 version of a PC game on Windows 98SE is indicative of the problem:

Dave: "What practical consequence does this bug have for someone operating a large business network?

Wannabe: "Nothing, this game is not so much diffused and in a "large business network" the people should do their job, not play with games (except if the company is a software house that develops games)."

Dave: "The game's 4 years old, and wasn't a very good one. What's the attack vector for this game? Think of all the conditions that have to fall into place to compromise one home computer. It's too improbable to bother reporting, and the vendor is not going to invest a penny to fix it. So who benefits from the report?"

Back to Compendium

Comments

Post a comment

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.

HOME

RESEARCH CENTERS

NEWS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.