The Trailing Edge (was Re: FW: The worst abuse e-mail ever, sverige.net

• Previous message (by thread): FW: The worst abuse e-mail ever, sverige.net
• Next message (by thread): The Trailing Edge (was Re: FW: The worst abuse e-mail ever, sverige.net
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 22 Sep 2004 12:52:54 EDT, Jon Lewis said:

> Older versions of SA, especially with custom DNSBL rules, may have had
> this issue (applying DUL type DNSBL rules to IPs in every Received:
> header:) but thats been fixed for some time.

In many cases, "fixed" != "deployed", unfortunately.  And that adoption
curve has got a LONG tail at the far end going to infinity, because some
sites will never upgrade.

Has anybody done a comparison for different instances of this same problem
(for instance, rate of fixing of 69/8 filters, open SMTP relays, installing a
Microsoft 'critical' software fix, patching bind/ssh/apache/whatever
after a vulnerability is found), to see if the underlying curve has similar
characteristics?

I'm familiar with Eric Rescorla's "Security Holes - Who cares?"
paper (http://www.rtfm.com/Upgrade-usenix.pdf) and Beattie, Arnold,
Cowan, Wagle, and Wright's "Timing the Application of Security Patches
for Optimal Uptime" from LISA XVI - any other cites, especially for those
that succeed in mathematically modelling it in the real world well enough to
make predictions from?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040922/ed8594bd/attachment.sig>

• Previous message (by thread): FW: The worst abuse e-mail ever, sverige.net
• Next message (by thread): The Trailing Edge (was Re: FW: The worst abuse e-mail ever, sverige.net
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]