Home page logo

nanog logo nanog mailing list archives

Re: and here are some answers [was: Quarantine your infected users spreading malware]
From: Gadi Evron <ge () linuxbox org>
Date: Tue, 21 Feb 2006 08:06:57 +0200

bmanning () vacation karoshi com wrote:
On Mon, Feb 20, 2006 at 07:49:04PM -0600, Rob Thomas wrote:

Hey, Bill.

]       wht is the mean-time-to-infection for a stock windows XP system
]       when plugged intot he net?... 2-5minutes?  you can't get patches
]       down that fast.

The same case can be made for Linux and Unix-based web servers with
vulnerable PHP-based tools.  There's also a large number of poorly
configured devices such as routers with easily guessed passwords,
overly permissive DNS name servers, etc.

It's not simply a Windows problem.


        true enough.  but "auntie jane" doesn't have linux/unix web server(s)
        or router(s) (other than the one provided by her ISP and managed by them)
        and has zero clue about overly permissive <service> machines.

        me thinks it is a -much- larger pool that gets taken advantage of
wiht a much higher threshold of ignorance about problems.

You described it best, and home users are indeed the problem discussed.

However, the amount of insecure routers out there is scary by itself. Rob has a lot more data on that than me and I don't doubt what he said.


"Out of the box is where I live".
        -- Cara "Starbuck" Thrace, Battlestar Galactica.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]