|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
On Sun, 11 Feb 2007 10:49:30 -0600 Dave Pooser <[email protected]> wrote: > > > He was both right and wrong -- patches do break a lot of stuff. He > > was facing two problems: the probability of being off the air > > because of an attack versus the probability of being off the air > > because of bad interactions between patches and applications. > > Which is a bigger risk? > > That's an argument for an organizational test environment and testing > patches before deployment, no? Not an argument against patching. That > said, I would LOVE to see MS ship a monthly/quarterly unified updater > that's a one-step way to bring fresh systems up to date without > slipstreaming the install CD. Then press a zillion of 'em and put > them everywhere you can find an AOL CD, for all those folks on > dial-up who see a 200MB download and curl up in the fetal position > and whimper. > Surveys have shown an inverse correlation between the size of a company and when it installed XP SP2. Yes, you're right; a good test environment is the right answer. As I think most of us on this list know, it's expensive, hard to do right, and still doesn't catch everything. If I recall correctly, the post I was replying to said that it was a non-profit; reading between the lines, it wasn't heavily staffed for IT, or they wouldn't have needed a consultant to help clean up after Blaster. And there's one more thing -- at what point have you done enough testing, given how rapidly some exploits are developed after the patch comes out? --Steve Bellovin, http://www.cs.columbia.edu/~smb
|