[Tfug] Ack! I suddenly became afraid of flying.

Jim Secan tfug@tfug.org
Tue Jan 28 13:54:01 2003 

At 03:32 PM 01/28/03 -0500, you wrote:
>The point of the matter is this was something that was a known bug. If
>admins would keep up to date on their patches, this wouldn't have been a
>problem. With things like Up2Date (Linux), CVSUpdate (FreeBSD), and the
>Windows Updater (Win2k or greater), this would seem like a easy task.
>However this only protects part of the network. With rogue servers on
>internal production networks it's very easy for a single host to get
>infected, and spread to other servers. Not to mention other things like
>development servers or any other test systems can play a part in this.
>Just remember many Jr and some Sr Admins think because their behind a
>firewall their safe.

Another side to this is time.  After the bursting of the Great IT Bubble
and the economic slide that followed, many companies turned loose IT
personnel and those who were "lucky" enough to remain employed had to do
their old jobs plus the jobs of those who were let go.  (God forbid that
anyone in marketing or the boss's sister's idiot cousin in HR be
surplused.)  This results in there not being enough time for the
already-harried sysadmin to keep on top of patches.  Yes, there are tools
and yes, this is a critical part of their jobs, but the reality is that IT
deptartments have been cut down past the bone into the marrow, and this
kind of security nightmare is the result.  The fact that it was an M$
product that got hammered is almost immaterial (although it is a nice icing
on the cake).  It takes time to keep any system up-to-date, particularly
complex corporate networks with pieces all over the world.

The funniest part of this whole thing is how surprised everyone is.  Many
'net gurus have been forecasting scenarios like this for years.  As the
oldie but goodie said:  "you ain't seen nothin' yet."

Jim
*---------------------*-------------------------------*
| Jim Secan           | Northwest Research Assoc, Inc |
| (jim@nwra-az.com)   | 2455 E. Speedway, Suite 203   |
| (520) 319-7773      | Tucson, Arizona 85719         |
|    Space Weather Info: http://www.nwra-az.com/      |
*---------------------*-------------------------------*