[34331] in North American Network Operators' Group
Re: Reasons why BIND isn't being upgraded
daemon@ATHENA.MIT.EDU (Patrick Greenwell)
Sat Feb 3 14:48:14 2001
Date: Sat, 3 Feb 2001 11:38:56 -0800 (PST)
From: Patrick Greenwell <patrick@cybernothing.org>
To: Paul Vixie <vixie@mfnx.net>
Cc: nanog@merit.edu
In-Reply-To: <g33ddv4oat.fsf@redpaul.mfnx.net>
Message-ID: <Pine.BSF.4.21.0102031130210.64677-100000@localhost>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
On 3 Feb 2001, Paul Vixie wrote:
>
> patrick@cybernothing.org (Patrick Greenwell) writes:
>
> > > hiding it DOES however make it harder for people (including network owners)
> > > to do surveys.
> >
> > By the same token one might argue that atempting to hide vunerabilities
> > to those paying you for "early warnings" doesn't help at all.
>
> Wrt the bind-members forum being discussed to death elsewhere, nobody can pay
> for early warnings. CERT will still be the source of early earnings.
CERT has NEVER been the source of early warnings. By the time they release
information it has already been dissimenated in a variety of other forums.
Can you understand that?
