In message <20040209181258.GA34537@typo.org>, "Wayne E. Bouchard" writes:
On Mon, Feb 09, 2004 at 12:41:26PM -0500, Sean Donelan wrote:
On Mon, 9 Feb 2004, John Payne wrote:
--On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie@vix.com> wrote:
There is nothing wrong with a user who thinks they should not have to kn
ow
how to protect their computer from virus infections. However, someone attending NANOG should at least have cleaned up slammer before connecting to the wireless...
I have never seen any evidence that security experts or network operators are any better at practicing security than any other user group. In every forum I've been at, the infection rates have been similar regardless of the attendees security experience.
This is dramatically demonstrated by the number of NANOG attendees that do not utilize encrypted paths to communicate back to their offices and who do not maintain at least passable password standards for their own accounts. It always astonishes me to see passwords such as "asdfg", "microsoft", and "password" come up on that list.
Yah -- and you see that on telnets and snmp queries to live routers, on the nanog wireless net. That's *after* the demonstration that a few of us did last time... --Steve Bellovin, http://www.research.att.com/~smb