North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Network and security experts (was Re: Dumb users spread viruses)

  • From: Kevin Oberman
  • Date: Mon Feb 09 13:06:17 2004

> Date: Mon, 9 Feb 2004 12:41:26 -0500 (EST)
> From: Sean Donelan <[email protected]>
> Sender: [email protected]
> On Mon, 9 Feb 2004, John Payne wrote:
> > --On Sunday, February 8, 2004 10:46 PM +0000 Paul Vixie <[email protected]>
> > wrote:
> > > There is nothing wrong with a user who thinks they should not have to know
> > > how to protect their computer from virus infections.
> > However, someone attending NANOG should at least have cleaned up slammer
> > before connecting to the wireless...
> I have never seen any evidence that security experts or network operators
> are any better at practicing security than any other user group.  In every
> forum I've been at, the infection rates have been similar regardless of
> the attendees security experience.
> Sometimes the attendees know about the issue, but do not have the power
> to fix it, e.g. corporate IT deparment controls the laptop they are
> required to use.  Other times, they are oblivious to the equipment being
> infected.
> I wouldn't be surprised if I went to a meeting at the Department of
> Homeland Security or NSA, their infection rates are similar.

At a recent large (last 6 months) trade show, the show network saw a
bunch infected systems pop up at once. The problem was tracked (fairly
quickly) to machines brought up by a vendor in their booth that lacked a
number of recent Microsoft Windows Critical Updates. I can't say who the
vendor was, but they REALLY should have been the FIRST to install any

If this happens, what hope do we have for "normal" users.
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: [email protected]			Phone: +1 510 486-8634