Security Guideance

Joel Esler joel.esler at
Wed Feb 24 01:55:33 UTC 2010

Why does there need to be blame?  Diagnose the problem, fix the problem, move on with life.  Someone made a mistake, learn from it, move on.

Joel Esler
joel.esler at

On Tuesday, February 23, 2010, at 05:13PM, <Valdis.Kletnieks at> wrote:
>On Tue, 23 Feb 2010 11:27:21 -1000, Nate Itkin said:
>> On Tue, Feb 23, 2010 at 02:46:54PM -0500, Paul Stewart wrote:
>> > The problem is that a user on this box appears to be launching high
>> > traffic DOS attacks from it towards other sites.
>> It's possible the user inadvertently enabled the same exploit after you
>> rebuilt the system. I suggest caution with assigning culpability.
>Or the gold image used to rebuild was itself vulnerable.  It happens a lot
>more often than you think. I'd suggest *lots* of caution with assigning
>culpability. ;)

More information about the NANOG mailing list