> > 1) The OS/software/default settings for a lot of internet connected > > machines are weak, making it easy to attack from multiple locations. > > > IŽll start looking for this to happen when Microsoft manages to release > an OS version which does not contain remote exploitable flaw before > the boxes hit the store self.
lots of late night pondering tonight. the anti-nat anti-firewall pure-end-to-end crowd has always argued in favour of "every host for itself" but in a world with a hundred million unmanaged but reprogrammable devices is that really practical? if *all* dsl and cablemodem plants firewalled inbound SYN packets and/or only permitted inbound UDP in direct response to prior valid outbound UDP, would rob really have seen a ~140Khost botnet this year? -- Paul Vixie
