[82769] in North American Network Operators' Group
RE: Cisco IOS Exploit Cover Up
daemon@ATHENA.MIT.EDU (John A. Kilpatrick)
Thu Jul 28 20:28:42 2005
Date: Thu, 28 Jul 2005 17:26:47 -0700 (PDT)
From: "John A. Kilpatrick" <john@hypergeek.net>
To: Randy Bush <randy@psg.com>
Cc: <nanog@merit.edu>
In-Reply-To: <17129.29930.274223.920274@roam.psg.com>
Errors-To: owner-nanog@merit.edu
On Fri, 29 Jul 2005, Randy Bush wrote:
> could they be unpatched because no one has sent out a notice saying
> "versions before X have known vulnerabilities. upgrade now to one
> of the following: ...?"
It's interesting...yes, I do make fun of my Windows brethren about their
security problems, but the fact is they have it pretty easy since you know
when MS security patches are coming out and you know when you'll have to
patch your servers. But Cisco doesn't seem to make it that easy to keep a
large environment of their devices up to date. Some better tools from
them would be good - even for those of us who do have support contracts.
--
John A. Kilpatrick
john@hypergeek.net Email| http://www.hypergeek.net/
john-page@hypergeek.net Text pages| ICQ: 19147504
remember: no obstacles/only challenges
