North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: zotob - blocking tcp/445

  • From: Sean Donelan
  • Date: Tue Aug 16 21:39:38 2005

On Tue, 16 Aug 2005, Christopher L. Morrow wrote:
> > I think you're overestimating the security clue of most businesses.  I'd
> > *love* to be proved wrong by somebody citing a credible survey indicating that
> > most businesses *are* Getting It Right....
>
> I think Sean Donelan had a survey he quoted a few months ago saying that
> most enterprises are still the den of iniquity... but I could have that
> backward.

The average business and average home user have similar computer infection
rates based on the data I saw on the ISP networks.  Pretty much anyway
you sliced the data, e.g. goverment, financial, marketing, education,
health care, high tech, low tech, home users, etc have similar rates.
Neither the size of the organization nor regulatory environment seems
to be a factor.

However, different individual organizations can have very different
infection rates.  What's interesting is within a particlar organization,
the infection rate tends to be homogenous: either better or worse.  Two
companies in the same industry group can have dramatically different
infection rates that persist for a long time.  But when you add together
all the companies in the industry group, the industry group average is
the same across all the groups.

Law of large numbers, regression to the mean, etc.