[94983] in North American Network Operators' Group
Re: botnets: web servers, end-systems and Vint Cerf
daemon@ATHENA.MIT.EDU (Gadi Evron)
Fri Feb 16 08:11:44 2007
Date: Fri, 16 Feb 2007 07:02:10 -0600 (CST)
From: Gadi Evron <ge@linuxbox.org>
To: Eric Gauthier <eric@roxanne.org>
Cc: nanog@merit.edu
In-Reply-To: <20070216124338.GA10478@roxanne.org>
Errors-To: owner-nanog@merit.edu
On Fri, 16 Feb 2007, Eric Gauthier wrote:
> Heya,
>
> > > And the fact that web servers are getting botted is just the cycle of
> > > reincarnation - it wasn't that long ago that .edu's had a reputation of
> > > getting pwned for the exact same reasons that webservers are targets now:
> > > easy to attack, and usually lots of bang-for-buck in pipe size and similar.
> >
> > You mean they aren't now? Do we have any EDU admins around who want to
> > tell us how bad it still is, despite attempts at working on this?
> >
> > Dorms are basically large honey nets. :)
>
> I run the network for a University with about 12,000 students and 12,000
> computers in our dormitories. We, like many other Universities, have spent the
> last five or six years putting systems in place that are both reactive and
> preventative. From my perspective, the issues are still there but I'm not
> sure that I agree with your implications.
>
> Do we still have "compromised" systems? Yes.
> Is the number of "compromosed" systems at any time large? No.
> Is the situation out of control? No.
>
> Email me off-list if you want more details. IMHO, Its too bad broadband
Will do, and also below...
> providers have not yet picked up on what the Universities have done.
Thank you Eric. :)
Can you elaborate a bit on what universities have done which would be
relevant to service providers here?
>
> Eric :)
>
