[94982] in North American Network Operators' Group
Re: botnets: web servers, end-systems and Vint Cerf
daemon@ATHENA.MIT.EDU (Eric Gauthier)
Fri Feb 16 08:04:52 2007
Date: Fri, 16 Feb 2007 07:43:38 -0500
From: Eric Gauthier <eric@roxanne.org>
To: Gadi Evron <ge@linuxbox.org>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.21.0702152148370.4861-100000@linuxbox.org>
Errors-To: owner-nanog@merit.edu
Heya,
> > And the fact that web servers are getting botted is just the cycle of
> > reincarnation - it wasn't that long ago that .edu's had a reputation of
> > getting pwned for the exact same reasons that webservers are targets now:
> > easy to attack, and usually lots of bang-for-buck in pipe size and similar.
>
> You mean they aren't now? Do we have any EDU admins around who want to
> tell us how bad it still is, despite attempts at working on this?
>
> Dorms are basically large honey nets. :)
I run the network for a University with about 12,000 students and 12,000
computers in our dormitories. We, like many other Universities, have spent the
last five or six years putting systems in place that are both reactive and
preventative. From my perspective, the issues are still there but I'm not
sure that I agree with your implications.
Do we still have "compromised" systems? Yes.
Is the number of "compromosed" systems at any time large? No.
Is the situation out of control? No.
Email me off-list if you want more details. IMHO, Its too bad broadband
providers have not yet picked up on what the Universities have done.
Eric :)
