Security Incidents mailing list archives

Priorities (was: Bind8 exploit and a deleted partition map)

From: Dustin Mitchell <dustin () CS UCHICAGO EDU>
Date: Thu, 15 Feb 2001 09:11:47 -0600

On Tue, 13 Feb 2001, Crist Clark wrote:

Derek Kwan wrote:
...

2) Keep your software version updated


It's tough, but try, try, and have an idea about priorities. Which
needs to be fixed by end of the week, which by end of the day, and
which needs to be turned off NOW until it is fixed.


I'd like a little more advice on this subject: what are some of the
factors that should influence this prioritization?  Maybe I can list a
few; please add/correct:

a) Exposure (e.g. who are your local users, is the machine behind a
   firewall)
b) Existence of a rootkit
c) Evidence of attempts or scans
d) Breadth of vulnerability (e.g. root shell, DoS, or just breaking the
   AppleTalk server that only one person uses)

Dustin

---------------------------------------------------------------------
| Dustin Mitchell                                        )O(        |
---------------------------------------------------------------------

Current thread:

Bind8 exploit and a deleted partition map Matteo,Marc A. (Feb 13)
- Re: Bind8 exploit and a deleted partition map Luciano Miguel Ferreira Rocha (Feb 13)
  - Re: Bind8 exploit and a deleted partition map Jose Nazario (Feb 13)
- Re: Bind8 exploit and a deleted partition map Derek Kwan (Feb 13)
  - Re: Bind8 exploit and a deleted partition map Crist Clark (Feb 13)
    - Re: Bind8 exploit and a deleted partition map Jeremy L. Gaddis (Feb 14)
    - Re: Bind8 exploit and a deleted partition map Valdis Kletnieks (Feb 14)
    - Re: Bind8 exploit and a deleted partition map Eric Brandwine (Feb 14)
    - Priorities (was: Bind8 exploit and a deleted partition map) Dustin Mitchell (Feb 15)
    - Re: Priorities (was: Bind8 exploit and a deleted partition map) Crist Clark (Feb 15)
- <Possible follow-ups>
- Re: Bind8 exploit and a deleted partition map Justin Shore (Feb 14)