[71175] in North American Network Operators' Group
Re: AV/FW Adoption Sudies
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Jun 10 14:03:55 2004
To: EKR <ekr@rtfm.com>
Cc: Sean Donelan <sean@donelan.com>, "'Nanog'" <nanog@merit.edu>
In-Reply-To: Your message of "Thu, 10 Jun 2004 08:50:18 PDT."
<kjbrjrwgxx.fsf@romeo.rtfm.com>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 10 Jun 2004 13:59:00 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-1698251632P
Content-Type: text/plain; charset=us-ascii
On Thu, 10 Jun 2004 08:50:18 PDT, Eric Rescorla said:
> Valdis.Kletnieks@vt.edu writes:
> > Remember that the black hats almost certainly had 0-days for the
> > holes, and before the patch comes out, the 0-day is 100% effective.
>
> What makes you think that black hats already know about your
> average hole?
Because unlike a role playing game, in the real world the lawful-good white
hats don't have any deity-granted magic ability to spot holes that remain
hidden from the chaotic-neutral/evil dark hats.
Explain to me why, given that MS03-039, MS03-041, MS03-043, MS03-044, and
MS03-045 all affected systems going all the way back to NT/4, and that exploits
surfaced quite quickly for all of them, there is *any* reason to think that
only white hats who have been sprinkled with magic pixie dust were able to find
any of those holes in all the intervening years?
--==_Exmh_-1698251632P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFAyKFkcC3lWbTT17ARAiD/AJ4izu34MysKWCeyf9tG9UV/CLjwUgCZAeoh
N6QiNNJ8H79WVnqoHGYC3Ns=
=ZkG9
-----END PGP SIGNATURE-----
--==_Exmh_-1698251632P--
