Network and security experts (was Re: Dumb users spread viruses)
Kevin Oberman
oberman at es.net
Mon Feb 9 18:02:51 UTC 2004
> Date: Mon, 9 Feb 2004 12:41:26 -0500 (EST)
> From: Sean Donelan <sean at donelan.com>
> Sender: owner-nanog at merit.edu
>
>
> On Mon, 9 Feb 2004, John Payne wrote:
> > --On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie at vix.com>
> > wrote:
> > > There is nothing wrong with a user who thinks they should not have to know
> > > how to protect their computer from virus infections.
> > However, someone attending NANOG should at least have cleaned up slammer
> > before connecting to the wireless...
>
> I have never seen any evidence that security experts or network operators
> are any better at practicing security than any other user group. In every
> forum I've been at, the infection rates have been similar regardless of
> the attendees security experience.
>
> Sometimes the attendees know about the issue, but do not have the power
> to fix it, e.g. corporate IT deparment controls the laptop they are
> required to use. Other times, they are oblivious to the equipment being
> infected.
>
> I wouldn't be surprised if I went to a meeting at the Department of
> Homeland Security or NSA, their infection rates are similar.
At a recent large (last 6 months) trade show, the show network saw a
bunch infected systems pop up at once. The problem was tracked (fairly
quickly) to machines brought up by a vendor in their booth that lacked a
number of recent Microsoft Windows Critical Updates. I can't say who the
vendor was, but they REALLY should have been the FIRST to install any
patches.
If this happens, what hope do we have for "normal" users.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
More information about the NANOG
mailing list