Re: botnets: web servers, end-systems and Vint Cerf

[Eric Gauthier <eric () roxanne org>]

Heya,

> > And the fact that web servers are getting botted is just the cycle of
> > reincarnation - it wasn't that long ago that .edu's had a reputation of
> > getting pwned for the exact same reasons that webservers are targets now:
> > easy to attack, and usually lots of bang-for-buck in pipe size and similar.
>
> You mean they aren't now? Do we have any EDU admins around who want to
> tell us how bad it still is, despite attempts at working on this?
>
> Dorms are basically large honey nets. :)

I run the network for a University with about 12,000 students and 12,000
computers in our dormitories.  We, like many other Universities, have spent the 
last five or six years putting systems in place that are both reactive and 
preventative.  From my perspective, the issues are still there but I'm not 
sure that I agree with your implications.

Do we still have "compromised" systems?  Yes.  
Is the number of "compromosed" systems at any time large?  No.
Is the situation out of control?  No.

Email me off-list if you want more details.  IMHO, Its too bad broadband 
providers have not yet picked up on what the Universities have done.

Eric :)