Full Disclosure mailing list archives
RE: [Fwd: Edwards AFB shut down by W32Blaster] (fwd)
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Wed, 20 Aug 2003 10:02:02 -0500
-----Original Message----- From: Stephen Clowater [mailto:steve () stevesworld hopto org] Sent: Wednesday, August 20, 2003 9:16 AM To: Schmehl, Paul L; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] [Fwd: Edwards AFB shut down by W32Blaster] (fwd) And the people who run unix networks, well, the sysadmins usally are spolied. They can leave that solaris box running 34 proccessors in the corner, and have any other box talk to it without trouble. So when it goes down, after sitting in a corner and not being touched physically for about 2 years,
Spoiled is right. And I have to beat on them severely to get them to understand that they *too* must patch their boxes. It used to be a bragging point to say "my box has been up for 2398 days without a crash". Now it's just a sign of stupidity. *No* OS can go without patching for more than 30 days anymore. It's simply not safe. I'll grant you, Windows is way worse than all the others, and a much bigger PITA besides, but all of them must be patched, regularly, routinely, frequently, or you will be owned. The problem is that way to many *nix admins still think it's OK to be up for 2398 days without patching. (And yes, I *do* know that many patches merely require a kill -HUP. Not all do. You can't use a new kernel until you reboot, and all you need to do is look at the security notices for new kernels to realize that that alone is a regular occurrence.) Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: [Fwd: Edwards AFB shut down by W32Blaster] (fwd), (continued)
- RE: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Ron DuFresne (Aug 19)
- Re: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Michael Gale (Aug 19)
- Re: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Denis Dimick (Aug 19)
- RE: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Gerald Cody Bunch (Aug 19)
- Re: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Michael Gale (Aug 20)
- Re: [fd] RE: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Mike Vasquez (Aug 20)
- RE: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Ron DuFresne (Aug 19)
- RE: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Paul Schmehl (Aug 19)
- Re: [Fwd: Edwards AFB shut down by W32Blaster] (fwd) Byron Copeland (Aug 20)