Providers removing blocks on port 135?

• Previous message (by thread): Providers removing blocks on port 135?
• Next message (by thread): Providers removing blocks on port 135?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I agree.  In my opinion, at this point, the larger issue that we really need
to find a way to address is to force a recall on the Exploding Pinto and
get real product liability available to the victims.  Not just the moron
who bought the Exploding Pinto knowing it would probably explode, who,
actually should have some culpability, but, more importantly, there should
be actual liability on the part of the manufacturer and the reckless
operator to the innocent bystander victims (ISPs, Web sites, etc.) that
are forced to try to repair or work around the damage, handle the traffic,
etc.

The Virus-of-the-week club is not going to go away until somebody gets
a multi-million dollar judgement against Micr0$0ft for the damage inflicted
by their Exploding Pinto, or, until businesses start to see that there
is liability for running unpatched windows systems to the tune of "If you
keep driving your Exploding Pinto, you may have to pay $$$ to the victims
of the explosion when it occurs."

Case 1 will lead Micr0$0ft to start rethinking some of it's less secure
design decisions.  Case 2 will lead businesses to evaluate whether
Windows is _REALLY_ a cost effective choice or not.

Until at least one, preferably both of these things happens, we are going
to be stuck with the consequences of other people choosing to run Whine-Doze
whether we run it, or even want to know that anyone runs it or not.

Owen

--On Friday, September 19, 2003 10:32 AM -0700 Matthew Kaufman 
<matthew at eeph.com> wrote:

> Well, we could start by having every ISP do what we do, which is to find
> worm-infected customers inside our network and get them patched or turned
> off. But that's a lot of work. (Especially when you've got a new worm to
> track down every week)
>
> The scary/unfortunate part to me is that these things never seem to go
> away... Check your web server's log for the last hit from Code Red, for
> instance. (6 minutes ago, from 203.59.48.139, on the server I just
> checked)
>
> Matthew Kaufman
> matthew at eeph.com
>
>> -----Original Message-----
>> From: Owen DeLong [mailto:owen at delong.com]
>> Sent: Friday, September 19, 2003 10:23 AM
>> To: Matthew Kaufman; 'Jack Bates'; 'Adam Hall'
>> Cc: nanog at nanog.org
>> Subject: RE: Providers removing blocks on port 135?
>>
>>
>> OK... Obviously, you need to do what you need to do to keep things
>> running.  However, that should be a temporary crisis
>> response.  If your
>> equipment is getting DOS'd for more than a few months, we need to find
>> a way to fix a bigger problem.  Permanently breaking some service
>> (regardless
>> of what we think of it.  Personally, I'll be glad to see M$
>> go down in
>> flames)
>> is _NOT_ the correct answer.
>>
>> Owen
>>
>

• Previous message (by thread): Providers removing blocks on port 135?
• Next message (by thread): Providers removing blocks on port 135?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]