[122955] in North American Network Operators' Group
Re: Security Guideance
daemon@ATHENA.MIT.EDU (Joel Esler)
Tue Feb 23 20:56:26 2010
Date: Tue, 23 Feb 2010 20:55:33 -0500
From: Joel Esler <joel.esler@me.com>
To: Valdis.Kletnieks@vt.edu
In-reply-to: <23632.1266963194@localhost>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Why does there need to be blame? Diagnose the problem, fix the problem, move on with life. Someone made a mistake, learn from it, move on.
--
Joel Esler
joel.esler@me.com
http://www.joelesler.net
On Tuesday, February 23, 2010, at 05:13PM, <Valdis.Kletnieks@vt.edu> wrote:
>On Tue, 23 Feb 2010 11:27:21 -1000, Nate Itkin said:
>> On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote:
>> > The problem is that a user on this box appears to be launching high
>> > traffic DOS attacks from it towards other sites.
>>
>> It's possible the user inadvertently enabled the same exploit after you
>> rebuilt the system. I suggest caution with assigning culpability.
>
>Or the gold image used to rebuild was itself vulnerable. It happens a lot
>more often than you think. I'd suggest *lots* of caution with assigning
>culpability. ;)
>
>
>
