Security Incidents mailing list archives
Re: Large ISP response to Code Red?
From: Rob McCauley <robmccau () RadOnc Duke EDU>
Date: Tue, 31 Jul 2001 10:23:11 -0400 (EDT)
On Mon, 30 Jul 2001, Seth Arnold wrote:
> [1] they put an awful lot of effort into copy protection .. how about 'forced upgrade protection', that disables internet connections when computers are unpatched for 14 days after release of a patch? Or how about machines that automatically apply patches? Or email administrators every time a patch is released?
You presume the cure (patch) is better than the disease, which isn't always the case. I suspect many of us have been in a position where we have software with a defect (not necessarily security related) and a patch that fixes the defect, but breaks something else much more important. Forced upgrades could require you to break your system to fix a problem which doesn't really impact you.

I'd also be wary of trusting any vendor who couldn't get the original software right to create software that could terminate my employer's internet connectivity if they're not satisfied the system is patched correctly.

Perhaps that should be a general principle. Don't buy or support any software which considers a denial of service a "feature". :)

Incidentally, I have done most of the self-patching system. I stop short of letting it apply the patches for exactly the reasons above. Instead, I have it email me what it thinks should be applied and yes, it is sometimes wrong.

Rob

--
------------------------------------------------------------------------------
Rob McCauley
Radiation Oncology
Duke University Medical Center

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com