Big Bad Beowulfs Again

[Gerry Creager N5JXS]

"Gregory R. Warnes" wrote:
> 
> On Sat, 13 May 2000, Nathan L. Cutler wrote:
> 
>   NLC>> You neglect to take into account the BUGTRAQ factor (if you don't know what
>   NLC>> BUGTRAQ is, try typing "BUGTRAQ" into your favorite web search engine).
>   NLC>>
>   NLC>> In other words: "accumulating" knowledge of weaknesses would be of little
>   NLC>> use to the troublemakers because the weaknesses are widely publicized as
>   NLC>> they are discovered and fixes appear within days in most cases (sometimes
>   NLC>> hours).
>   NLC>>
>   NLC>> By the time the troublemakers unleashed their dastardly attack, most if not
>   NLC>> all of it would be obsolete.
> 
> Unfortunately, a large proportion of the machines on the interenet are not
> closely managed for security.  Think of univerisities and of all the
> home machines on full-time connections...
> 
> In addition, while BUGTRAQ reports are good for closing specific holes,
> often the fixes don't resolve the CLASS of exploits.

We still get hit, but we take a proactive role in security here at
TAMU.  (That's not an invitation, OK?)... When I got hit by a wu-ftpd
buffer overflow intrusion about a year ago, the penetration was thru 2
@HOME.com machines that had absolutely nothing done for hardening
following installation of stock RedHat.  This is a valid hole.  And I'll
concede that enough University environments don't attempt to tighten up
their systems to make .edu a real potential vulnerabilty as well.
--
Gerry Creager		gerry at cs.tamu.edu, gerry at page4.cs.tamu.edu
Network Engineering			|Geodesy
Computer Science Department		|Satellite Geodesy and Control
Texas A&M University			|
979.458.4020