[67398] in North American Network Operators' Group
Re: Network and security experts (was Re: Dumb users spread viruses)
daemon@ATHENA.MIT.EDU (Kevin Oberman)
Mon Feb 9 13:03:58 2004
To: Sean Donelan <sean@donelan.com>
Cc: John Payne <john@sackheads.org>, nanog@merit.edu
In-Reply-To: Message from Sean Donelan <sean@donelan.com>
of "Mon, 09 Feb 2004 12:41:26 EST." <Pine.GSO.4.58.0402091236260.387@clifden.donelan.com>
Date: Mon, 09 Feb 2004 10:02:51 -0800
From: "Kevin Oberman" <oberman@es.net>
Errors-To: owner-nanog-outgoing@merit.edu
> Date: Mon, 9 Feb 2004 12:41:26 -0500 (EST)
> From: Sean Donelan <sean@donelan.com>
> Sender: owner-nanog@merit.edu
>
>
> On Mon, 9 Feb 2004, John Payne wrote:
> > --On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie@vix.com>
> > wrote:
> > > There is nothing wrong with a user who thinks they should not have to know
> > > how to protect their computer from virus infections.
> > However, someone attending NANOG should at least have cleaned up slammer
> > before connecting to the wireless...
>
> I have never seen any evidence that security experts or network operators
> are any better at practicing security than any other user group. In every
> forum I've been at, the infection rates have been similar regardless of
> the attendees security experience.
>
> Sometimes the attendees know about the issue, but do not have the power
> to fix it, e.g. corporate IT deparment controls the laptop they are
> required to use. Other times, they are oblivious to the equipment being
> infected.
>
> I wouldn't be surprised if I went to a meeting at the Department of
> Homeland Security or NSA, their infection rates are similar.
At a recent large (last 6 months) trade show, the show network saw a
bunch infected systems pop up at once. The problem was tracked (fairly
quickly) to machines brought up by a vendor in their booth that lacked a
number of recent Microsoft Windows Critical Updates. I can't say who the
vendor was, but they REALLY should have been the FIRST to install any
patches.
If this happens, what hope do we have for "normal" users.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman@es.net Phone: +1 510 486-8634
