nanog mailing list archives
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Sun, 11 Feb 2007 13:49:13 -0500
On Sun, 11 Feb 2007 10:49:30 -0600 Dave Pooser <dave.nanog () alfordmedia com> wrote:
> > He was both right and wrong -- patches do break a lot of stuff. He was facing two problems: the probability of being off the air because of an attack versus the probability of being off the air because of bad interactions between patches and applications. Which is a bigger risk?
>
> That's an argument for an organizational test environment and testing patches before deployment, no? Not an argument against patching.
>
> That said, I would LOVE to see MS ship a monthly/quarterly unified updater that's a one-step way to bring fresh systems up to date without slipstreaming the install CD. Then press a zillion of 'em and put them everywhere you can find an AOL CD, for all those folks on dial-up who see a 200MB download and curl up in the fetal position and whimper.

Surveys have shown an inverse correlation between the size of a company and when it installed XP SP2.

Yes, you're right; a good test environment is the right answer. As I think most of us on this list know, it's expensive, hard to do right, and still doesn't catch everything. If I recall correctly, the post I was replying to said that it was a non-profit; reading between the lines, it wasn't heavily staffed for IT, or they wouldn't have needed a consultant to help clean up after Blaster.

And there's one more thing -- at what point have you done enough testing, given how rapidly some exploits are developed after the patch comes out?

--Steve Bellovin, http://www.cs.columbia.edu/~smb