Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: 'we should all be uncomfortable with the extent to which luck..'

  • From: Roeland Meyer
  • Date: Wed Jul 25 02:42:41 2001

> From: k claffy [mailto:kc@ipn.caida.org]
> Sent: Tuesday, July 24, 2001 10:36 PM

> almost makes me wonder if some white hat might (should?) have 
> been behind CodeRed as some 'vaccination' attempt.

Stop wondering. IMHO "White hats" that crack into systems should be treated
the same as "black hats" that crack into systems. Throw them in jail and RO
them from even thinking the word "computer" ever again (A few years, on a
chain-gang, might do them some good ... sun ... excersize ... daylight ...
fresh air ... they might lose that pasty complexion). <from someone whom has
lost way too many days cleaning up the messes after>.

> 	This assault also demonstrates that machines operated by home
> 	users or small businesses (hosts less likely to be maintained
> 	by a professional sysadmin) are integral to the robustness of
>         the global Internet. As is the case with biologically active

Do you always let your stereotyping lead you by the nose like this ...? Home
users ... maybe. Small businesses ... not.

> From: CERT Advisory [mailto:cert-advisory@cert.org]
> Sent: Tuesday, July 24, 2001 6:50 PM

> CERT Advisory CA-2001-21 Buffer Overflow in telnetd
> 
>    Original release date: July 24, 2001
>    Last revised: --
>    Source: CERT/CC

> Systems Affected
> 
>    Systems running versions of telnetd derived from BSD source.

How many of us here run anything less than SSH and even allow telnetd to
live on any of our hosts?




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.