nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Network and security experts (was Re: Dumb users spread viruses)

From: "Steven M. Bellovin" <smb () research att com>
Date: Mon, 09 Feb 2004 13:39:33 -0500

In message <20040209181258.GA34537 () typo org>, "Wayne E. Bouchard" writes:


On Mon, Feb 09, 2004 at 12:41:26PM -0500, Sean Donelan wrote:


On Mon, 9 Feb 2004, John Payne wrote:

--On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie () vix com>
wrote:

There is nothing wrong with a user who thinks they should not have to kn

ow

how to protect their computer from virus infections.

However, someone attending NANOG should at least have cleaned up slammer
before connecting to the wireless...


I have never seen any evidence that security experts or network operators
are any better at practicing security than any other user group.  In every
forum I've been at, the infection rates have been similar regardless of
the attendees security experience.


This is dramatically demonstrated by the number of NANOG attendees
that do not utilize encrypted paths to communicate back to their
offices and who do not maintain at least passable password standards
for their own accounts. It always astonishes me to see passwords such
as "asdfg", "microsoft", and "password" come up on that list.



Yah -- and you see that on telnets and snmp queries to live routers, 
on the nanog wireless net.  That's *after* the demonstration that a few 
of us did last time...

                --Steve Bellovin, http://www.research.att.com/~smb
Previous By Date Next
Previous By Thread Next

Current thread: