Re: Microsoft's Early Xmas Present.
From: John Sage (jsage@finchhaven.com)Date: 01/03/02
- Previous message: H C: "RE: Microsoft's Early Xmas Present."
- In reply to: Steve Stearns: "Re: Microsoft's Early Xmas Present."
- Next in thread: Brett Glass: "Re: Microsoft's Early Xmas Present."
- Next in thread: David Kennedy CISSP: "Re: Microsoft's Early Xmas Present."
- Reply: Brett Glass: "Re: Microsoft's Early Xmas Present."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 03 Jan 2002 09:01:14 -0800 From: John Sage <jsage@finchhaven.com> To: Steve Stearns <sterno@bigbrother.net>
<snip>
>
> Another issue to consider is those people who are on dialup accounts.
> If there's a number of patches that are going to take hours to download
> and I need to get work done right now, that "feature" becomes a big
> problem. This creates user antipathy for security which is the last
> thing you want.
>
> ---Steve
The issue of dialups as an underlying base of infected, unpatched hosts
is underappreciated, IMHO..
As an examle of the scope of the problem, at home I'm on a dialup to
AT&T through their Seattle WA pop, with a dynamic IP in the 12.82.x.x
range of AT&T's 12.x.x.x class A.
I see 40 to 120 CodeRed/Nimda probes to tcp:80 *every* day, week in,
week out, from AT&T dialup, DSL and now AT&T Broadband Internet cable
clients switched over from the defunct Excite@Home cable network.
I have repeatedly notified abuse@att.net with snort logs for almost two
months, now, have received nothing but a generic response that really
relates more to spam than anything, and have seen little-to-no reduction
in the volume of this sort of thing.
These are home users, SOHO users, and small businesses with no IT staff
to speak of, all unpatched and infected, and all a potential source of
CodeRed/Nimda infection to new boxes coming on line after the Christmas
purchasing season.
- John
-- Computers: they're really nothing but l's and O's---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
- Previous message: H C: "RE: Microsoft's Early Xmas Present."
- In reply to: Steve Stearns: "Re: Microsoft's Early Xmas Present."
- Next in thread: Brett Glass: "Re: Microsoft's Early Xmas Present."
- Next in thread: David Kennedy CISSP: "Re: Microsoft's Early Xmas Present."
- Reply: Brett Glass: "Re: Microsoft's Early Xmas Present."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
