[122948] in North American Network Operators' Group
Re: Security Guideance
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Feb 23 17:14:07 2010
To: nanog@nanog.org
In-Reply-To: Your message of "Tue, 23 Feb 2010 11:27:21 -1000."
<20100223212721.GA25862@l1.konadogs.net>
From: Valdis.Kletnieks@vt.edu
Date: Tue, 23 Feb 2010 17:13:14 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--==_Exmh_1266963194_3923P
Content-Type: text/plain; charset=us-ascii
On Tue, 23 Feb 2010 11:27:21 -1000, Nate Itkin said:
> On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote:
> > The problem is that a user on this box appears to be launching high
> > traffic DOS attacks from it towards other sites.
>
> It's possible the user inadvertently enabled the same exploit after you
> rebuilt the system. I suggest caution with assigning culpability.
Or the gold image used to rebuild was itself vulnerable. It happens a lot
more often than you think. I'd suggest *lots* of caution with assigning
culpability. ;)
--==_Exmh_1266963194_3923P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFLhFL6cC3lWbTT17ARAuN0AKCpYwhfud8PAOPImOOyR9D3kt/5GgCdGZ2V
1bpk8GEPwCxNfI2QVuHw49I=
=gOmN
-----END PGP SIGNATURE-----
--==_Exmh_1266963194_3923P--
