[126933] in North American Network Operators' Group
Re: Nato warns of strike against cyber attackers
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Wed Jun 9 01:37:21 2010
In-Reply-To: <259F187A-0A4E-4F40-A984-157506FD5CC5@delong.com>
Date: Tue, 8 Jun 2010 22:37:01 -0700
From: Paul Ferguson <fergdawgster@gmail.com>
To: Owen DeLong <owen@delong.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Jun 8, 2010 at 10:22 PM, Owen DeLong <owen@delong.com> wrote:
>
>> Please, be for real -- the criminals go after the entrenched majority.
>> If it were any other OS, the story would be the same.
>>
> If this were true, the criminals would be all over Apache and yet it is
> IIS that gets compromised most often.
>
Actually, that is another fallacy.
The majority of SQL Injections are on Apache-based systems.
Look, this isn't a blame-game in which we need to point out one vendor,
operating system, plug-in, browser, or whatever.
The problem is that it is a wide-spread problem wherein we have millions of
compromised consumer (and non-consumer) hosts doing the bidding of Bad
Guys.
I would certainly love to hear your solution to this problem.
And stop pointing fingers.
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFMDyh1q1pz9mNUZTMRAqUSAKD9e+Bt+f1Q6+xE1f0MS3edKfbCtwCeMMEp
cGOjbQNIcm58ZPj5JaT5Q74=
=Oz/Q
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawgster(at)gmail.com
ferg's tech blog: http://fergdawg.blogspot.com/
