[65359] in North American Network Operators' Group
Re: Anit-Virus help for all of us??????
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Mon Nov 24 16:03:54 2003
Date: Mon, 24 Nov 2003 16:01:29 -0500
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: Valdis.Kletnieks@vt.edu
Cc: Petri Helenius <pete@he.iki.fi>, Sean Donelan <sean@donelan.com>,
nanog@merit.edu
In-Reply-To: <200311242043.hAOKhYKL003690@turing-police.cc.vt.edu>
Errors-To: owner-nanog-outgoing@merit.edu
Valdis.Kletnieks@vt.edu writes on 11/24/2003 3:43 PM:
> Question: What speed access is needed to guarantee "mean time to download
> patches" is significantly less than "mean time to probed by packet-to-0wn"
> (significantly == 20x lower still gives a 5% chance of getting 0wned while
> patching)?
That'd have to be very fast indeed, given that only one windows update
mirror is used at a time, and patches are downloaded and applied in
sequence.
Two ways to get at least some safety -
# Machine behind NAT while it is being updated
# Patches preferably downloaded onto a CD and applied offline
--
srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
manager, outblaze.com security and antispam operations
