nanog mailing list archives

Re: AV/FW Adoption Sudies

From: Valdis.Kletnieks () vt edu
Date: Wed, 09 Jun 2004 14:34:12 -0400

On Tue, 08 Jun 2004 17:29:51 CDT, Dennis Dayman <dennis () thenose net>  said:


Does anyone know of any studies on user adoption of security s/w (AV and FW
products), including how often people update and how regularly?


Two papers that might help:

A writeup on the OpenSSL holes, the Slapper worm, and when/why users
patched their systems.  17 pages, PDF.

http://www.rtfm.com/upgrade.pdf

Lots of interesting conclusions about user behavior, which we probably
need to consider when planning.  Some non-trivial math/stats, but they
explain what the results mean in plain English too, so feel free to
skip over the formulas to the "this clearly shows..."..

Crispin Cowan's presentation from Usenix LISA:

http://wirex.com/~crispin/time-to-patch-usenix-lisa02.ps.gz

Both of these papers are somewhat flawed in that they focus on the
mostly-broken idea that the admin/user would even know a patch if it came by
and bit them on the posterior.....

Attachment: _bin
Description:

Current thread:

AV/FW Adoption Sudies Dennis Dayman (Jun 08)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 09)
  - Re: AV/FW Adoption Sudies Sean Donelan (Jun 09)
    - Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
    - Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
    - Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
    - Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
    - Re: AV/FW Adoption Sudies Paul G (Jun 10)
    - Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
    - Re: AV/FW Adoption Sudies Paul G (Jun 10)
    - Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
    - Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)

(Thread continues...)