Re: Message from my ISP

From: Mark H. Wood (mwood@mhw.ULib.IUPUI.Edu)
Date: 01/30/03 

From: "Mark H. Wood" <mwood@mhw.ULib.IUPUI.Edu>
Date: Thu, 30 Jan 2003 15:31:43 +0000 (UTC)

Melissa <Melissa@upalliance.orgxzy> wrote:
[snip]
>> I think the
>> widely distributed nature of the internet makes being able to shut to
>> whole thing down pretty difficult, especially with such a crude attack
>> as that plaguing DALnet. Essentially, all a DoS attack does is clog up a
>> mess of bandwidth, it doesn't do any actual damage, so disinfecting all
>> infected computers would easily remedy the whole situation, and no
>> lasting damage would come from it.
>
> So why aren't people doing it?

Because of the widely distributed nature of the Internet. A lot of
the infected nodes have been distributed to people who have no idea
how to disinfect a computer, or why they need to.

Other nodes are production systems whose managers are leery of *any*
changes to a working box. Patch kits *have* been known to do more
harm than good on occasion. A lot of MS SQL Server boxes involved in
the recent SQL Slapper outbreak were explicitly not updated for months
because "we don't have a problem now, and the patch might break
something else." Sometimes you win that bet, and sometimes you lose
big. 

-- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
MS Windows *is* user-friendly, but only for certain values of "user".