RE: [Full-Disclosure] [Fwd: Edwards AFB shut down by W32Blaster] (fwd)

From: Schmehl, Paul L (pauls_at_utdallas.edu)
Date: 08/20/03

  • Next message: Schmehl, Paul L: "RE: [Full-Disclosure] SoBig.F strange problem" 
    To: <full-disclosure@lists.netsys.com>
Date: Wed, 20 Aug 2003 10:02:02 -0500

    > -----Original Message-----
    > From: Stephen Clowater [mailto:steve@stevesworld.hopto.org]
    > Sent: Wednesday, August 20, 2003 9:16 AM
    > To: Schmehl, Paul L; full-disclosure@lists.netsys.com
    > Subject: Re: [Full-Disclosure] [Fwd: Edwards AFB shut down by
    > W32Blaster] (fwd)
    >
    > And the people who run unix networks, well, the sysadmins
    > usally are spolied.
    > They can leave that solaris box running 34 proccessors in the
    > corner, and
    > have any other box talk to it without trouble. So when it
    > goes down, after
    > sitting in a corner and not being touched physically for
    > about 2 years,

    Spoiled is right. And I have to beat on them severely to get them to
    understand that they *too* must patch their boxes. It used to be a
    bragging point to say "my box has been up for 2398 days without a
    crash". Now it's just a sign of stupidity. *No* OS can go without
    patching for more than 30 days anymore. It's simply not safe.

    I'll grant you, Windows is way worse than all the others, and a much
    bigger PITA besides, but all of them must be patched, regularly,
    routinely, frequently, or you will be owned. The problem is that way to
    many *nix admins still think it's OK to be up for 2398 days without
    patching. (And yes, I *do* know that many patches merely require a kill
    -HUP. Not all do. You can't use a new kernel until you reboot, and all
    you need to do is look at the security notices for new kernels to
    realize that that alone is a regular occurrence.)

    Paul Schmehl (pauls@utdallas.edu)
    Adjunct Information Security Officer
    The University of Texas at Dallas
    AVIEN Founding Member
    http://www.utdallas.edu/~pauls/

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Schmehl, Paul L: "RE: [Full-Disclosure] SoBig.F strange problem"

    Relevant Pages

    • The performance and behaviour of the anti-fragmentation related patches
      ... I've posted up patches that implement the two generally accepted approaches ... physical address space on the vanilla kernel because there is no effort made ... also that the huge page allocations always come from here as well. ... Vanilla Kernel List-base Kernel Zone-base Kernel Combined Kernel ...
      (Linux-Kernel)
    • Re: This is [Re:] How to improve the quality of the kernel[?].
      ... The -mm kernel already implements what your proposed PTS would do. ... If patch have no TS ID, ... Thus i can apply for example lguest patches and implement and test new ... How many open source projects use Bugzilla and how many use the Debian BTS? ...
      (Linux-Kernel)
    • Re: Scheduler Situation
      ... understand basic kernel operations like memory management or CPU ... I, like many people, had been using Con's patches for years and were ... Con here. ... other aspect, including offering a choice of IO schedulers, but not ...
      (Linux-Kernel)
    • Re: [PATCH] delete devfs
      ... been merging patches at a rate of about 10MB/month. ... Andrew would like to see a 2.6 tree which continues to change ... In his vision of the future, the kernel.org kernel will be the most ... keeps the developers happy and gets new code out to users quicker. ...
      (Linux-Kernel)
    • Re: 2.6.X, NPTL, SCHED_FIFO and JACK
      ... improvement as AM's lowlat patches. ... patches) that the author of the premiere lowlat patches for 2.4 would ... many notable kernel developers were not particularly interested in our ... VM and disk subsystems appear to be conspiring ...
      (Linux-Kernel)