[Esa-l] Convincing Users to Patch

Brett Glass brett at lariat.org
Wed May 2 12:29:36 PDT 2001

The best way to deal with a user who refused to remove a Trojan or 
worm is to contact his ISP. It is, or should be, a violation of their
AUP to knowingly spread Trojan horses or worms. You can also block
this user's mail via the access control database in Sendmail to
prevent him from infecting your users.

You may not be able to get him to patch Outhou... er, Outlook, but
his ISP can insist that he install a virus checker or be booted 
off the network.


At 12:33 PM 5/2/2001, Andre Kajita - Administrador da Rede wrote:
>I'm just now getting over an almost flamewar with a luser over
>patching his MS OutLook(tm).  His LookOut's been sending my users
>Hybris on a regular basis - three a day - and when I finally came
>around to suggesting that he patch his system his response was - other
>than "no, I won't" - plain and simple:
>"I have better things to do than to patch my programs"
>This got my blood boiling SO FAST I shut down my mail server to avoid
>flaming the guy to kingdom come...  He isn't my luser - if he was his
>boss would receive a formal complaint from the IT dept but I'd up
>update his client in a few minutes - so in this case I can't educate
>him in the follies of the Dark Side and teach him some proper BOFH
>What I ask is - what can be done with these users?  I, as a network
>admin, work hard to keep my systems up to date and 'secure' but I know
>that one single "I'm not using Netscape" user is enough to put my
>whole network at risk - how does someone manage to convince them to
>practice safe-Outlooking?
>"Your password must be at least 18770 characters(...)"
>Andre Kajita - Administrador da Rede <admin at camarasjc.sp.gov.br>
>Camara Municipal de Sao Jose dos Campos - SP
>E-mail Security Announce list mailing list
>E-mail Security Announce list at spconnect.com

More information about the esd-l mailing list