Re: Large ISP response to Code Red?

From: Rob McCauley (robmccauat_private)
Date: Tue Jul 31 2001 - 07:23:11 PDT

    On Mon, 30 Jul 2001, Seth Arnold wrote:
    
    > [1] they put an awful lot of effort into copy protection .. how about
    > 'forced upgrade protection', that disables internet connections when
    > computers are unpatched for 14 days after release of a patch? Or how
    > about machines that automatically apply patches? Or email administrators
    > every time a patch is released? 
    
    You presume the cure (patch) is better than the disease, which isn't
    always the case.  I suspect many of us have been in a position where we
    have software with a defect (not necessarily security related) and a patch
    that fixes the defect, but breaks something else much more
    important.  Forced upgrades could require you to break your system to fix
    a problem which doesn't really impact you.  I'd also be wary of trusting
    any vendor who couldn't get the original software right to create
    software that could terminate my employer's internet connectivity if
    they're not satisfied the system is patched correctly.
    
    Perhaps that should be a general principle.  Don't buy or support
    any software which considers a denial of service a "feature". :)
    
    Incidentally, I have done most of the self-patching system.  I stop short
    of letting it apply the patches for exactly the reasons above.  Instead, I
    have it email me what it thinks should be applied and yes, it is sometimes
    wrong.
    
    Rob
    
    -- 
    ------------------------------------------------------------------------------
    Rob McCauley
    Radiation Oncology
    Duke University Medical Center
    
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 10:03:07 PDT