[192562] in North American Network Operators' Group
Re: dilemmas
daemon@ATHENA.MIT.EDU (Randy Bush)
Wed Nov 2 23:35:51 2016
X-Original-To: nanog@nanog.org
Date: Thu, 03 Nov 2016 12:35:44 +0900
From: Randy Bush <randy@psg.com>
To: Royce Williams <royce@techsolvency.com>
In-Reply-To: <CA+E3k91+uC4BH9-7nCGZAdveh-HDa_excjJPcyjgvXWVVAnZYA@mail.gmail.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Thu, 03 Nov 2016 12:03:32 +0900, Royce Williams wrote:
> On Wed, Nov 2, 2016 at 6:47 PM, William Herrin <bill@herrin.us> wrote:
>> On Wed, Nov 2, 2016 at 10:39 PM, Randy Bush <randy@psg.com> wrote:
>>> the sysadmins' dilemma: do you install today's critical update or
>>> wait a day until the next one is out before you reboot 50 servers?
>>
>> Neither. You wait for the normal patch cycle because the other six
>> barriers to exploiting the vulnerability will work just fine until
>> then.
>>
>> The vulnerability that cuts through every layer of a well engineered
>> defense is rare.
>
> As is the well-engineered defense.
yep. and thanks for the forward, reminding my why i have a long
.procmailrc.
