Home page logo

nanog logo nanog mailing list archives

Re: What do you want your ISP to block today?
From: Valdis.Kletnieks () vt edu
Date: Sat, 30 Aug 2003 14:53:46 -0400

On Sat, 30 Aug 2003 14:09:40 EDT, Joe Abley said:
That won't save them when the time required to download the patch set 
is an order of magnitude greater than the mean time to infection.

This, in fact, is the single biggest thorn in our side at the moment. It's hard
to adopt a pious "patch your broken box" attitude when the user can't get it
patched without getting 0wned first...

Seems to me that it would be far more effective to simply prohibit 
connection of machines without acceptable operating systems to the 
network. That would send a more appropriate message to the vendor, too 
(better than "don't bother to test before you release, we'll pay to 
clean up the resulting mess").

Given the Lion worm that hit Linux boxes, and the fact there's apparently a
known remote-root (since fixed) for Apple's OSX, what operating systems would
you consider "acceptable"?

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]