[61593] in North American Network Operators' Group
Re: What do you want your ISP to block today?
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Sat Aug 30 14:55:30 2003
To: Joe Abley <jabley@isc.org>
Cc: "Matthew S. Hallacy" <poptix@techmonkeys.org>, nanog@merit.edu
In-Reply-To: Your message of "Sat, 30 Aug 2003 14:09:40 EDT."
<1F8D5A0A-DB15-11D7-868C-00039312C852@isc.org>
From: Valdis.Kletnieks@vt.edu
Date: Sat, 30 Aug 2003 14:53:46 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_2071655431P
Content-Type: text/plain; charset=us-ascii
On Sat, 30 Aug 2003 14:09:40 EDT, Joe Abley said:
> That won't save them when the time required to download the patch set
> is an order of magnitude greater than the mean time to infection.
This, in fact, is the single biggest thorn in our side at the moment. It's hard
to adopt a pious "patch your broken box" attitude when the user can't get it
patched without getting 0wned first...
> Seems to me that it would be far more effective to simply prohibit
> connection of machines without acceptable operating systems to the
> network. That would send a more appropriate message to the vendor, too
> (better than "don't bother to test before you release, we'll pay to
> clean up the resulting mess").
Given the Lion worm that hit Linux boxes, and the fact there's apparently a
known remote-root (since fixed) for Apple's OSX, what operating systems would
you consider "acceptable"?
--==_Exmh_2071655431P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE/UPK5cC3lWbTT17ARAgNKAKCgV66t7yfPfgc/cDBa12gREUnzyACfTUYn
jpG5bmZpmduGDyPTBuMkdx4=
=dMBa
-----END PGP SIGNATURE-----
--==_Exmh_2071655431P--
