Big Bad Beowulfs Again
Gregory R. Warnes
warnes at biostat.washington.edu
Sat May 13 19:34:24 PDT 2000
On Sat, 13 May 2000, Nathan L. Cutler wrote:
NLC>> You neglect to take into account the BUGTRAQ factor (if you don't know what
NLC>> BUGTRAQ is, try typing "BUGTRAQ" into your favorite web search engine).
NLC>>
NLC>> In other words: "accumulating" knowledge of weaknesses would be of little
NLC>> use to the troublemakers because the weaknesses are widely publicized as
NLC>> they are discovered and fixes appear within days in most cases (sometimes
NLC>> hours).
NLC>>
NLC>> By the time the troublemakers unleashed their dastardly attack, most if not
NLC>> all of it would be obsolete.
Unfortunately, a large proportion of the machines on the interenet are not
closely managed for security. Think of univerisities and of all the
home machines on full-time connections...
In addition, while BUGTRAQ reports are good for closing specific holes,
often the fixes don't resolve the CLASS of exploits.
-Greg
More information about the Beowulf
mailing list