nanog mailing list archives

Re: Security Guideance

From: Valdis.Kletnieks () vt edu
Date: Tue, 23 Feb 2010 17:13:14 -0500

On Tue, 23 Feb 2010 11:27:21 -1000, Nate Itkin said:

On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote:

The problem is that a user on this box appears to be launching high
traffic DOS attacks from it towards other sites.


It's possible the user inadvertently enabled the same exploit after you
rebuilt the system. I suggest caution with assigning culpability.


Or the gold image used to rebuild was itself vulnerable.  It happens a lot
more often than you think. I'd suggest *lots* of caution with assigning
culpability. ;)

Attachment: _bin
Description:

Current thread:

Re: Security Guideance, (continued)
- - - Re: Security Guideance Aaron L. Meehan (Feb 24)
  - Re: Security Guideance Dan White (Feb 23)
    - Re: Security Guideance acv (Feb 23)
    - Re: Security Guideance Nathan Ward (Feb 23)
    - RE: Security Guideance Joe (Feb 23)
    - Re: Security Guideance Curtis Maurand (Feb 24)
- Re: Security Guideance LaDerrick H. (Feb 23)
- Re: Security Guideance David Freedman (Feb 23)
- RE: Security Guideance Joe Conlin (Feb 23)
- Re: Security Guideance Nate Itkin (Feb 23)
  - Re: Security Guideance Valdis . Kletnieks (Feb 23)
    - Re: Security Guideance Joel Esler (Feb 23)
- RE: Security Guideance Express Web Systems (Feb 23)
- Re: Security Guideance Gadi Evron (Feb 23)
- Re: Security Guideance Laurens Vets (Feb 24)
- Re: Security Guideance Bill Stewart (Feb 24)