Security Incidents mailing list archives
Re: Microsoft's Early Xmas Present.
From: John Sage <jsage () finchhaven com>
Date: Thu, 03 Jan 2002 09:01:14 -0800
<snip>
Another issue to consider is those people who are on dialup accounts. If there's a number of patches that are going to take hours to downloadand I need to get work done right now, that "feature" becomes a big problem. This creates user antipathy for security which is the lastthing you want.---Steve
The issue of dialups as an underlying base of infected, unpatched hosts is underappreciated, IMHO..
As an examle of the scope of the problem, at home I'm on a dialup to AT&T through their Seattle WA pop, with a dynamic IP in the 12.82.x.x range of AT&T's 12.x.x.x class A.
I see 40 to 120 CodeRed/Nimda probes to tcp:80 *every* day, week in, week out, from AT&T dialup, DSL and now AT&T Broadband Internet cable clients switched over from the defunct Excite@Home cable network.
I have repeatedly notified abuse () att net with snort logs for almost two months, now, have received nothing but a generic response that really relates more to spam than anything, and have seen little-to-no reduction in the volume of this sort of thing.
These are home users, SOHO users, and small businesses with no IT staff to speak of, all unpatched and infected, and all a potential source of CodeRed/Nimda infection to new boxes coming on line after the Christmas purchasing season.
- John -- Computers: they're really nothing but l's and O's ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Microsoft's Early Xmas Present. Devdas Bhagat (Jan 02)
- Re: Microsoft's Early Xmas Present. Steve Stearns (Jan 02)
- Re: Microsoft's Early Xmas Present. John Sage (Jan 03)
- Re: Microsoft's Early Xmas Present. Brett Glass (Jan 03)
- Re: Microsoft's Early Xmas Present. John Sage (Jan 03)
- <Possible follow-ups>
- Re: Microsoft's Early Xmas Present. David Kennedy CISSP (Jan 03)
- Re: Microsoft's Early Xmas Present. Ryan Russell (Jan 03)
- RE: Microsoft's Early Xmas Present. Cloppert, Michael (Jan 03)
- RE: Microsoft's Early Xmas Present. H C (Jan 03)
- Re: Microsoft's Early Xmas Present. Valdis . Kletnieks (Jan 03)
- RE: Microsoft's Early Xmas Present. Eric Jon Rostetter (Jan 03)
- RE: Microsoft's Early Xmas Present. H C (Jan 03)
- RE: Microsoft's Early Xmas Present. H C (Jan 03)
- Re: Microsoft's Early Xmas Present. Steve Stearns (Jan 02)