router worms and International Infrastructure
Christopher L. Morrow
christopher.morrow at mci.com
Tue Sep 20 02:47:51 UTC 2005
On Mon, 19 Sep 2005, Florian Weimer wrote:
> * Christopher L. Morrow:
>
> > I'm curious as to why people think that the problem isn't being
> > addressed?
>
> Do you see a business case for ISPs to help mass-market customers to
> clean up their infected PCs?
Nope, but I see a business case for software vendors to fix their
problems, and for education of the people that are a problem. I'm not sure
it'll fix the problem either, but blocking ports hasn't been wholey
effective either, especially not when you consider RPC-over-http now :(
hurray!
>
> I still hear claims from the ISP folks that anything but prevention
> isn't viable, and all available data suggests that prevention is an
Mostly this is probably true. Consumer ISP's are in a rough battle of
idiots/users versus 'next exploit against the most common platform
deployed'. Sure there are stupidities committed by other than software
vendors (how many routers have login passwd: cisco and no vty acl? How
many cayman/dsl routers are out there with default userid/passwd and
remove management enabled? How many wireless AP's are there with default
admin setup? ... for fun, try the one at the Baron's Cove Inn in Sag
Harbor... poor folks :( )
The issue of 'are consumer users getting better/worse/owned/deleted' isn't
really the problem, the issue is "Is the Internet being treated as
'Critical Infrastructure' by some people in a position to make it
'better'?"
I'd say that yes, there are lots of folks that consider their little piece
of the Internet to be 'critical' and who are making steps where they can
to ensure it's protected to the best of their ability. Just because folks
aren't out beating drums daily doesn't mean the work isn't getting done.
So, what leads you to believe it's NOT getting
fixed/looked-at/worked/considered?
> utter and complete failure. (Okay, maybe I'm exaggerating a bit, but
> you get the idea.)
I think Sean Donelan has some numbers about this... or we could google
search the nanog archives :)
More information about the NANOG
mailing list