Full Disclosure mailing list archives
Re: AW: no more public exploits
From: Cael Abal <lists2 () onryou com>
Date: Tue, 27 Apr 2004 23:10:14 -0400
Baum, Stefan wrote:
> IMHO, no sysadmin taking his work seriously will wait to patch the systems until an exploit is available throughout the internet.
> Stefan (I AM A SYSADMIN)
Cripes, this is the thread that never ends.

What if there were two patches fixing vulnerabilities of equal severity, one with a known, published exploit and one without? Would you give one priority (considering that rolling out a patch involves significant testing)? You do perform regression testing, right?
What if you were juggling a slew of very high priority tasks and a patch was made available? Would you drop everything (including those mission-critical jobs your boss' boss asked you to handle by day's end) in order to push that patch out the door immediately?
Part of being a good sysadmin (really, being a good /anything/) involves being able to perform on-the-fly cost/benefit analyses. Realistically, the lack of a widespread published exploit means an attack on any given machine is less likely. An admin who chooses to ignore these probabilities isn't looking at their job with the right perspective.
Take care,
Cael

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html