Home page logo

nanog logo nanog mailing list archives

Re: M$SQL cleanup incentives
From: "Doug Clements" <dsclements () linkline com>
Date: Sat, 22 Feb 2003 01:50:23 -0800

I'll bite..

----- Original Message -----
From: "William Allen Simpson" <wsimpson () greendragon com>
To: <nanog () merit edu>
Sent: Friday, February 21, 2003 2:25 PM
Subject: Re: M$SQL cleanup incentives

I'm of the technical opinion that everyone will need to filter outgoing
1434 udp forever.
Iljitsch van Beijnum wrote:
Maybe the best approach is to try and deliberately infect the entire
local net every few minutes or so to detect new vulnerable systems while
the people installing them are still on the premises.

Gosh, should we do that for every known virus/worm/vulnerability?

Which is it? Where do you draw the line between something that's big enough
to block forever and something that's not worth tracking down? You lambast
him for attempting a solution that is foolish to apply for every known
possible problem where if your solution was applied as such, we'd have a
swiss-cheese internet in which any commonly used destination port is blocked
due to the scads of IIS/bind/fingerd/ftpd/whatever worms.

Have fun filtering.

Or maybe you don't actually own and/or have legal and financial
accountability for your own network?

Or maybe he likes having a network his customers can actually use.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]