nanog mailing list archives
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Sun, 11 Feb 2007 11:29:22 -0500
On Sat, 10 Feb 2007 23:36:32 -0600 "Stasiniewicz, Adam" <stasinia () msoe edu> wrote:
Another time I was do some consulting work for a NPO. I was going over the findings of my audit and I told the IT manager that all of his machines were missing patches. His response: "we only install service packs, individual patches take too much time to install and tend to break more stuff than they fix". Ironically, a month latter he calls me back asking for help because his network got infect with Blaster...
He was both right and wrong -- patches do break a lot of stuff. He was facing two problems: the probability of being off the air because of an attack versus the probability of being off the air because of bad interactions between patches and applications. Which is a bigger risk? It's not an easy question to answer. One scenario that scares me is what happens if the April Patch Tuesday takes out, say, TurboTax, just as Americans are getting ready to file their tax returns. There are no good answers to this question. Of course, being an academic I can view such problems as opportunities, and it is in fact a major focus of my research. Today, though, it's a serious issue for system managers. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers), (continued)
- Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Sean Donelan (Feb 10)
- RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Stasiniewicz, Adam (Feb 10)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Alexander Harrowell (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Adrian Chadd (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Rich Kulawiec (Feb 12)
- RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Sean Donelan (Feb 11)
- RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Gadi Evron (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet Paul Vixie (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet Steve Sobol (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet Paul Vixie (Feb 11)
- RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Stasiniewicz, Adam (Feb 10)
- Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Sean Donelan (Feb 10)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Steven M. Bellovin (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Dave Pooser (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Steven M. Bellovin (Feb 11)
- RE: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Stasiniewicz, Adam (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Sean Donelan (Feb 11)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Gadi Evron (Feb 12)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Stephane Bortzmeyer (Feb 12)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Gadi Evron (Feb 12)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Stephane Bortzmeyer (Feb 12)
- Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers) Alexander Harrowell (Feb 12)