Re: Large ISP response to Code Red?

From: Rob McCauley (robmccau@RadOnc.Duke.EDU)
Date: 07/31/01


Date: Tue, 31 Jul 2001 10:23:11 -0400 (EDT)
From: Rob McCauley <robmccau@RadOnc.Duke.EDU>
To: incidents@securityfocus.com
Subject: Re: Large ISP response to Code Red?
Message-ID: <Pine.GS4.4.21.0107311008170.10094-100000@roentgen>


On Mon, 30 Jul 2001, Seth Arnold wrote:

> [1] they put an awful lot of effort into copy protection .. how about
> 'forced upgrade protection', that disables internet connections when
> computers are unpatched for 14 days after release of a patch? Or how
> about machines that automatically apply patches? Or email administrators
> every time a patch is released?

You presume the cure (patch) is better than the disease, which isn't
always the case. I suspect many of us have been in a position where we
have software with a defect (not necessarily security related) and a patch
that fixes the defect, but breaks something else much more
important. Forced upgrades could require you to break your system to fix
a problem which doesn't really impact you. I'd also be wary of trusting
any vendor who couldn't get the original software right to create
software that could terminate my employer's internet connectivity if
they're not satisfied the system is patched correctly.

Perhaps that should be a general principle. Don't buy or support
any software which considers a denial of service a "feature". :)

Incidentally, I have done most of the self-patching system. I stop short
of letting it apply the patches for exactly the reasons above. Instead, I
have it email me what it thinks should be applied and yes, it is sometimes
wrong.

Rob

-- 
------------------------------------------------------------------------------
Rob McCauley
Radiation Oncology
Duke University Medical Center

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com


