[192560] in North American Network Operators' Group
Re: dilemmas
daemon@ATHENA.MIT.EDU (William Herrin)
Wed Nov 2 22:49:53 2016
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <m24m3p1e3r.wl-randy@psg.com>
From: William Herrin <bill@herrin.us>
Date: Wed, 2 Nov 2016 22:47:24 -0400
To: Randy Bush <randy@psg.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Nov 2, 2016 at 10:39 PM, Randy Bush <randy@psg.com> wrote:
> the sysadmins' dilemma: do you install today's critical update or wait a
> day until the next one is out before you reboot 50 servers?
Neither. You wait for the normal patch cycle because the other six
barriers to exploiting the vulnerability will work just fine until
then.
The vulnerability that cuts through every layer of a well engineered
defense is rare.
Regards,
Bill Herrin
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
