[111417] in North American Network Operators' Group
Re: v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Feb 5 12:20:03 2009
To: Roger Marquis <marquis@roble.com>
In-Reply-To: Your message of "Thu, 05 Feb 2009 08:24:16 PST."
<20090205162416.358EB2B21B4@mx5.roble.com>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 05 Feb 2009 12:19:59 -0500
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1233854399_15442P
Content-Type: text/plain; charset=us-ascii
On Thu, 05 Feb 2009 08:24:16 PST, Roger Marquis said:
> Can you site a reference? Can you substantiate "lots"? I didn't think so.
> This is yet another case the rhetoric gets a little over the top, leading
> those of us who were doing this before NAT to suspect a non-technical
> agenda.
Some estimates say that Conficker has nailed over 9 to 16 million systems by
now. Every single one was because somebody didn't apply a patch that came
out back in October.
I'm sure at least some of these were because of either:
a) "I'm Joe Sixpack, and I'm safe because I'm behind my cablemodem"
b) "I'm Joe McSE (want fries with that?), and I'm safe because of the corporate
firewall".
(Note that due to its design, Conficker *can't* spread through a properly
configured firewall - almost by definition, *every single* firewalled network
that got hit was because somebody forgot the difference between "firewall" and
"security perimeter".
--==_Exmh_1233854399_15442P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFJix+/cC3lWbTT17ARAiuAAKC2U2xiyb0kOPaCO+uqvbG1GkZ6tQCgl2z3
T+ATLbVd+yKDgUQFIqDIL00=
=LMCr
-----END PGP SIGNATURE-----
--==_Exmh_1233854399_15442P--
