mailing list archives
Re: When do exploits get used?
From: Luke Scharf <lscharf () aoe vt edu>
Date: Mon, 22 Mar 2004 17:31:44 -0500
On Mon, 2004-03-22 at 17:13, Jay Beale wrote:
You may find this discussion academic. But the exploit writers and the
worm writers are getting faster. And that's what should scare us into
moving beyond patches. That's what should get us moving to better
network and host configurations. That's what should get us to evaluate
patching as, at most, the easy, but most critical, 50%.
I would say that we could all agree that not patching is a recipe for
disaster -- and that it's very easy to keep up to date.
But, my 90% figure comes from the accidental plugging of unpatched
Windows machines into the open network. Every time I do that, the
machine is running msblast in a few minutes. And as near as I tell,
it's not my machines that are doing it (except for that one unpatched
machine that I spend an hour rebuilding)...
Luke Scharf, Systems Administrator
Virginia Tech Aerospace and Ocean Engineering
Full-Disclosure - We believe in it.