Re: Dumb users spread viruses
--On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie@vix.com> wrote:
There is nothing wrong with a user who thinks they should not have to know how to protect their computer from virus infections.
However, someone attending NANOG should at least have cleaned up slammer before connecting to the wireless...
Apparently this went out twice. Apologies for that - the wireless net went away before my mail client claimed the smtp transaction finished.
On Mon, 9 Feb 2004, John Payne wrote:
--On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie@vix.com> wrote:
There is nothing wrong with a user who thinks they should not have to know how to protect their computer from virus infections. However, someone attending NANOG should at least have cleaned up slammer before connecting to the wireless...
I have never seen any evidence that security experts or network operators are any better at practicing security than any other user group. In every forum I've been at, the infection rates have been similar regardless of the attendees security experience. Sometimes the attendees know about the issue, but do not have the power to fix it, e.g. corporate IT deparment controls the laptop they are required to use. Other times, they are oblivious to the equipment being infected. I wouldn't be surprised if I went to a meeting at the Department of Homeland Security or NSA, their infection rates are similar.
On Mon, Feb 09, 2004 at 12:41:26PM -0500, Sean Donelan wrote:
On Mon, 9 Feb 2004, John Payne wrote:
--On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie@vix.com> wrote:
There is nothing wrong with a user who thinks they should not have to know how to protect their computer from virus infections. However, someone attending NANOG should at least have cleaned up slammer before connecting to the wireless...
I have never seen any evidence that security experts or network operators are any better at practicing security than any other user group. In every forum I've been at, the infection rates have been similar regardless of the attendees security experience.
This is dramatically demonstrated by the number of NANOG attendees that do not utilize encrypted paths to communicate back to their offices and who do not maintain at least passable password standards for their own accounts. It always astonishes me to see passwords such as "asdfg", "microsoft", and "password" come up on that list. --- Wayne Bouchard web@typo.org Network Dude http://www.typo.org/~web/
On Mon, 09 Feb 2004 11:12:58 MST, "Wayne E. Bouchard" said:
This is dramatically demonstrated by the number of NANOG attendees that do not utilize encrypted paths to communicate back to their offices and who do not maintain at least passable password standards for their own accounts. It always astonishes me to see passwords such as "asdfg", "microsoft", and "password" come up on that list.
Been there, done that. We hosted a SANS-EDU event a while back, and had about 300 people in a lecture hall, most of whom had wireless access. I ran a small tcpdump on the wireless, grabbing only outbound SYN packets for port 110, 995, and the ports IMAP lives on. About lunchtime, I announced that I'd seen some 50 or so people using encrypted POP on 995, and 65 or so using it in plaintext. Somebody asked what data I was gathering, and I said "I'm a white hat, I only looked at SYN packets enough to make this announcement." Suddenly, we have 65 relieved looking people. Then I added "But I have no idea at all what people sitting out in the atrium are grabbing off the wire" - and we had 65 worried looking people. ;) I didn't see very many SYN packets on port 110 in the afternoon session. :)
In message <20040209181258.GA34537@typo.org>, "Wayne E. Bouchard" writes:
On Mon, Feb 09, 2004 at 12:41:26PM -0500, Sean Donelan wrote:
On Mon, 9 Feb 2004, John Payne wrote:
--On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <vixie@vix.com> wrote:
There is nothing wrong with a user who thinks they should not have to kn
ow
how to protect their computer from virus infections. However, someone attending NANOG should at least have cleaned up slammer before connecting to the wireless...
I have never seen any evidence that security experts or network operators are any better at practicing security than any other user group. In every forum I've been at, the infection rates have been similar regardless of the attendees security experience.
This is dramatically demonstrated by the number of NANOG attendees that do not utilize encrypted paths to communicate back to their offices and who do not maintain at least passable password standards for their own accounts. It always astonishes me to see passwords such as "asdfg", "microsoft", and "password" come up on that list.
Yah -- and you see that on telnets and snmp queries to live routers, on the nanog wireless net. That's *after* the demonstration that a few of us did last time... --Steve Bellovin, http://www.research.att.com/~smb
participants (5)
-
John Payne -
Sean Donelan -
Steven M. Bellovin -
Valdis.Kletnieks@vt.edu -
Wayne E. Bouchard