Gadi Evron wrote:
On Thu, 21 Sep 2006, Dave Stewart wrote:
At 10:28 PM 9/21/2006, you wrote:
2) how is this different from any other large worm outbreak thing It's not. Which makes it operational in which sense?
I'm starting to think that these "alerts" need to be filed along with the daily "OMG, evil people are taking over your computer if you don't send this to at least 10 people" IMs.
Paranoia has its place, but this ain't the place.
The report is NOT paranoia. Several LARGE user ISPs suffer immensely from this. Use this information if it is useful to you and you encounter the same problems.
Gadi, your initial query lacked the factual background that would have been useful for someone to decide if it was relevant to them or not. While I do believe that the intersection of host and applications issues and networking has applicability here I will make two observations that I hope are not wildly off the mark. Many of the people on the operations side of networks do not spend a lot of time on security mailing lists. They also don't spend a lot of time looking into their own support organizations until until problems get escalated to them, so your initial post could have used more background. Even in an enterprise it's really hard to justify the expenditure that a rapid response to a host security problem involves. For an isp which is not likely to be in the position to recover the cost of being reactive let alone pro-active I can't imagine how they would possibly support desktop issues like this. joelja
Thanks,
Gadi.
-- ------------------------------------------------------------------------ Joel Jaeggli Unix Consulting joelja@uoregon.edu GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2