IDS mailing list archives
Re: Changes in IDS Companies?
From: "J. Foobar" <jfoobar1 () yahoo com>
Date: Thu, 31 Oct 2002 00:05:04 -0800 (PST)
To elaborate even further on your points here, which I agree with: The primary responsibility of your average Solaris/Linux/NT admin, both as they and as management see it, is not to keep their boxes secure. *gasp* *shocked look* The frequency with which some of the major OSes have new patches released, especially Solaris just lately, is enough to create somewhat of a boy-who-cries-wolf condition in almost anyone. Plus, these servers are not just base OSes running nothing else. They are there for a reason, usually to offer one or more application-based (often 3rd party apps) to internal or external customers. OS patches can break stuff. Admins know it, and they are cautious and deliberate about applying them (at best). If they rightfully insist on careful testing of patches on lab machines and if this activity only relates to a secondary job responsibility (security) and they are already overworked to begin with, this translates into weeks and weeks before these patches get installed on production systems. We make sure that the admins, and their management, know about new relevant security vulnerabilities via an internal advisory email distib list. --- Aaron Turner <aturner () pobox com> wrote:
I've never met any admin of any OS (Solaris, Linux, Windows mostly) who claimed that he/she had patched all of the servers within 24 hours of a patch on a regular basis. Most wouldn't even claim 7 days or even a few weeks. Is this best-practices? Not even close. Is it the reality? Absolutely, especially since most companies don't have their IT group fully staffed due to the economy.
__________________________________________________ Do you Yahoo!? Yahoo! News - Today's headlines http://news.yahoo.com
Current thread:
- FW: Changes in IDS Companies?, (continued)
- FW: Changes in IDS Companies? Avi Chesla (Oct 22)
- Re: Changes in IDS Companies? Proxy Administrator (Oct 25)
- Re: Changes in IDS Companies? Aaron Turner (Oct 25)
- Re: Changes in IDS Companies? A.S.Rajendran (Oct 25)
- Re: Changes in IDS Companies? Aaron Turner (Oct 25)
- Re: Changes in IDS Companies? Matt Harris (Oct 28)
- Re: Changes in IDS Companies? Aaron Turner (Oct 28)
- Re: Changes in IDS Companies? Matt Harris (Oct 29)
- Re: Changes in IDS Companies? Aaron Turner (Oct 29)
- Re: Changes in IDS Companies? Matt Harris (Oct 31)
- Re: Changes in IDS Companies? J. Foobar (Oct 31)
- Re: Changes in IDS Companies? Martin Roesch (Oct 31)