nanog mailing list archives

Re: Security Guideance

From: Joel Esler <joel.esler () me com>
Date: Tue, 23 Feb 2010 20:55:33 -0500

Why does there need to be blame?  Diagnose the problem, fix the problem, move on with life.  Someone made a mistake, 
learn from it, move on.

--
Joel Esler
joel.esler () me com
http://www.joelesler.net

 
On Tuesday, February 23, 2010, at 05:13PM, <Valdis.Kletnieks () vt edu> wrote:

On Tue, 23 Feb 2010 11:27:21 -1000, Nate Itkin said:

On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote:

The problem is that a user on this box appears to be launching high
traffic DOS attacks from it towards other sites.


It's possible the user inadvertently enabled the same exploit after you
rebuilt the system. I suggest caution with assigning culpability.


Or the gold image used to rebuild was itself vulnerable.  It happens a lot
more often than you think. I'd suggest *lots* of caution with assigning
culpability. ;)

Current thread:

Re: Security Guideance, (continued)
- - Re: Security Guideance Dan White (Feb 23)
    - Re: Security Guideance acv (Feb 23)
    - Re: Security Guideance Nathan Ward (Feb 23)
    - RE: Security Guideance Joe (Feb 23)
    - Re: Security Guideance Curtis Maurand (Feb 24)
- Re: Security Guideance LaDerrick H. (Feb 23)
- Re: Security Guideance David Freedman (Feb 23)
- RE: Security Guideance Joe Conlin (Feb 23)
- Re: Security Guideance Nate Itkin (Feb 23)
  - Re: Security Guideance Valdis . Kletnieks (Feb 23)
    - Re: Security Guideance Joel Esler (Feb 23)
- RE: Security Guideance Express Web Systems (Feb 23)
- Re: Security Guideance Gadi Evron (Feb 23)
- Re: Security Guideance Laurens Vets (Feb 24)
- Re: Security Guideance Bill Stewart (Feb 24)