[88832] in North American Network Operators' Group
Re: and here are some answers [was: Quarantine your infected users spreading malware]
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Tue Feb 21 01:02:57 2006
Date: Tue, 21 Feb 2006 06:02:31 +0000
From: bmanning@vacation.karoshi.com
To: Rob Thomas <robt@cymru.com>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.62.0602201946260.20788@qentba.nf23028.arg>
Errors-To: owner-nanog@merit.edu
On Mon, Feb 20, 2006 at 07:49:04PM -0600, Rob Thomas wrote:
>
> Hey, Bill.
>
> ] wht is the mean-time-to-infection for a stock windows XP system
> ] when plugged intot he net?... 2-5minutes? you can't get patches
> ] down that fast.
>
> The same case can be made for Linux and Unix-based web servers with
> vulnerable PHP-based tools. There's also a large number of poorly
> configured devices such as routers with easily guessed passwords,
> overly permissive DNS name servers, etc.
>
> It's not simply a Windows problem.
>
> Thanks,
> Rob.
true enough. but "auntie jane" doesn't have linux/unix web server(s)
or router(s) (other than the one provided by her ISP and managed by them)
and has zero clue about overly permissive <service> machines.
me thinks it is a -much- larger pool that gets taken advantage of
wiht a much higher threshold of ignorance about problems.
--bill
