RE: Large ISP response to Code Red?
From: Jonathan A. Zdziarski (jonathan.zdziarski@micromuse.com)Date: 07/31/01
- Previous message: Valdis.Kletnieks@vt.edu: "Re: Large ISP response to Code Red?"
- In reply to: Kris Carlier: "Re: Large ISP response to Code Red?"
- Next in thread: Rob McCauley: "Re: Large ISP response to Code Red?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jonathan A. Zdziarski" <jonathan.zdziarski@micromuse.com> To: <kris@iguana.be>, "Mike Johnson" <mikej@opennms.org> Subject: RE: Large ISP response to Code Red? Date: Tue, 31 Jul 2001 13:04:59 -0400 Message-ID: <COEPIIFFJPONEJNLHKOEAEADCCAA.jonathan.zdziarski@micromuse.com>
My 2 cents:
Security is everyone's responsibility. Microsoft needs to get on the ball
and provide patches and workarounds much quicker than they have been. It
wouldn't surprise me to see a class action suit crop up after this last
failure to take action. ISPs [wrongly] trust the vendor to provide secure
software. The other side of the coin is ISPs need to adopt the clue that
it's their responsibility to manage their own network. Trusting your system
to automatically update patches is going to do two things, 1) It's going to
give you a false sense of security that the vendor is actually going to
provide a patch to the security hole before it's exploited, and 2) Opens
your network up to allow anyone controlling the update server to install
code on your system (as was previously discussed in this thread). I truly
feel sorry for the networks that don't have the money to hire enough talent
to work around the holes in their OS and software, as a community we need to
write more FAQs to educate the poor folks...but I don't have very much pity
for these large ISPs who forego spending the money because they think it's
not financially justified. If you're going to build a network you need to
spend the extra $70-$100k to hire a decent security guy who will do his best
to protect the network and keep things up-to-date. Vendors are too lax, but
if you get hacked after a vulnerability has been discovered and you didn't
take action, it's the ISPs own fault.
-----Original Message-----
From: Kris Carlier [mailto:root@iguana.be]
Sent: Tuesday, July 31, 2001 12:54 PM
To: Mike Johnson
Cc: incidents@securityfocus.com
Subject: Re: Large ISP response to Code Red?
> To me, this is the answer. Server based systems usually have
> plenty of bandwidth. A different set of patches could be
> offered for the desktop class systems (Win9x, Me, 2k Prof.)
> that might be more bandwidth friendly and only applies to
small detail, IIRC, one of the windowsupdate servers fell victim to the CR
attack itself. So, here's a rethorical question: would you like your
system to be automatically updated ? What if the machine you trust is
infected ? Helluvaway to efficiently distribute a worm, no ?
kr=
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: Valdis.Kletnieks@vt.edu: "Re: Large ISP response to Code Red?"
- In reply to: Kris Carlier: "Re: Large ISP response to Code Red?"
- Next in thread: Rob McCauley: "Re: Large ISP response to Code Red?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
