and here are some answers [was: Quarantine your infected users spreading malware]

• Previous message (by thread): and here are some answers [was: Quarantine your infected users spreading malware]
• Next message (by thread): botnets for good? [was: and here are some answers]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

bmanning at vacation.karoshi.com wrote:
> On Mon, Feb 20, 2006 at 07:49:04PM -0600, Rob Thomas wrote:
> 
>>Hey, Bill.
>>
>>] 	wht is the mean-time-to-infection for a stock windows XP system
>>] 	when plugged intot he net?... 2-5minutes?  you can't get patches
>>] 	down that fast.
>>
>>The same case can be made for Linux and Unix-based web servers with
>>vulnerable PHP-based tools.  There's also a large number of poorly
>>configured devices such as routers with easily guessed passwords,
>>overly permissive DNS name servers, etc.
>>
>>It's not simply a Windows problem.
>>
>>Thanks,
>>Rob.
> 
> 
> 	true enough.  but "auntie jane" doesn't have linux/unix web server(s)
> 	or router(s) (other than the one provided by her ISP and managed by them)
> 	and has zero clue about overly permissive <service> machines.
> 
> 	me thinks it is a -much- larger pool that gets taken advantage of
> 	wiht a much higher threshold of ignorance about problems. 
> 
> --bill

You described it best, and home users are indeed the problem discussed.

However, the amount of insecure routers out there is scary by itself. 
Rob has a lot more data on that than me and I don't doubt what he said.

-- 
http://blogs.securiteam.com/

"Out of the box is where I live".
	-- Cara "Starbuck" Thrace, Battlestar Galactica.

• Previous message (by thread): and here are some answers [was: Quarantine your infected users spreading malware]
• Next message (by thread): botnets for good? [was: and here are some answers]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]