More on the DDoS Attack

Eric Gauthier eric at roxanne.org
Sat Sep 6 14:38:53 UTC 2003


> Where you able to obtain redistribution licenses from the vendors, such as
> Microsoft, to distribute the patches to your students?  Or did your
> restricted VLAN allow them enough access to the Internet to download the
> tools directly from the vendor's web sites?

Sean, I'm not exactly positive regarding the redistribution.  The
vendors in question are really just Microsoft for the patches and
then the cleaning/scanning tools we use.  The topic came up in a few
of our group meetings where we prepared for the semester and I _BELIEVE_ 
the answer was that we have site liscences for the scanning/cleaning 
tools we use, with the exception of any freeware/shareware which doesn't 
need a liscence, but don't quote me on this.  As far as the Microsoft patches, 
I'm not sure what the legaleze answer was or the exact distribution method, 
though it was on-line (i.e. "click here to download") and not by handing out 
burned CDs.  So, it was either a local patch repository or a web proxy.

I've received a bunch of off-list requests for information, more than I
was expecting :)  So, instead of just a quick few-line response I'll try
to write up something a bit more authoratative.  Unfortunately, I only
know the details of the network piece, so I have to check with our 
security and help desk people to answer in detail some of the other
questions that have come up (i.e. "legally" redistributing patches,
how exactly did the patching work, what scanners did you use/test for, etc).
Our security and support teams are just coming down from two weeks of
craziness, so some of them are off-line this weekend but I'll try to have
something by Monday...

Eric :)



More information about the NANOG mailing list