RE: [Full-Disclosure] [Fwd: Edwards AFB shut down by W32Blaster] (fwd)

["Schmehl, Paul L" <pauls@utdallas.edu>]

> -----Original Message-----
> From: Stephen Clowater [mailto:steve@stevesworld.hopto.org] 
> Sent: Wednesday, August 20, 2003 9:16 AM
> To: Schmehl, Paul L; full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] [Fwd: Edwards AFB shut down by 
> W32Blaster] (fwd)
> 
> And the people who run unix networks, well, the sysadmins 
> usally are spolied. 
> They can leave that solaris box running 34 proccessors in the 
> corner, and 
> have any other box talk to it without trouble. So when it 
> goes down, after 
> sitting in a corner and not being touched physically for 
> about 2 years,

Spoiled is right.  And I have to beat on them severely to get them to
understand that they *too* must patch their boxes.  It used to be a
bragging point to say "my box has been up for 2398 days without a
crash".  Now it's just a sign of stupidity.  *No* OS can go without
patching for more than 30 days anymore.  It's simply not safe.

I'll grant you, Windows is way worse than all the others, and a much
bigger PITA besides, but all of them must be patched, regularly,
routinely, frequently, or you will be owned.  The problem is that way to
many *nix admins still think it's OK to be up for 2398 days without
patching.  (And yes, I *do* know that many patches merely require a kill
-HUP.  Not all do.  You can't use a new kernel until you reboot, and all
you need to do is look at the security notices for new kernels to
realize that that alone is a regular occurrence.)

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html