Fair enough, but the number of potential attackers is much lower. Most things called internal attacks shouldn't be.
Disgruntled ex-employees whose network access hasn't been revoked. Accidental moving/deleting of files. Executives having access to things they don't need "because they're the boss" deleting stuff. Etc. These are labelled attacks, but they aren't.

Kev.

----- Original Message -----
From: "Trevor Lauder" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, December 02, 2002 1:13 PM
Subject: Re: (clug-talk) Linux Work

> It's just as important to patch internal boxes if not more important. 80
> percent of network attacks come from the inside, a firewall and patched
> external boxes do you no good if someone takes it down from the inside.
>
> Trevor
>
> > To which I again point at the Mandrake 9 install thread.
> >
> > Neither system is perfect period.
> >
> > Back to the platform standardization issue, I only have 1 platform to
> > test across. Compaq deskpro EVO 1.7 w/ 512 Megs of RAM. Other boxes
> > are non-production, or whatever.
> >
> > Further, I generally do not need to immediately apply patches. Sure, if
> > Apache has some major issue come out, then I'll patch it on external
> > facing boxes. But I can wait a while before patching a BIND
> > vulnerability on a box that runs internally only. Others can find
> > problems for me, thanks...
> >
> > Kev.
> > ----- Original Message -----
> > From: "Jesse Kline" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Monday, December 02, 2002 11:54 AM
> > Subject: Re: (clug-talk) Linux Work
> >
> >> Quoting Kevin Anderson <[EMAIL PROTECTED]>:
> >>
> >> > Would you install something onto a production box without testing it first?
> >> > I test everything before it goes into production. Therefore,
> >> > actually emerging the app doesn't worry me, because I know it will
> >> > compile correctly, and install in my environment. I've already done
> >> > it in test.
> >>
> >> There is a difference between you testing a package for a couple
> >> hours, and having it tested by a distributor. Before a version of Red
> >> Hat/MDK/whatever comes out, the packages are tested by the author, in
> >> the lab, in alpha tests, in beta tests, etc. Then once the distro. has
> >> hit the market it is tested by thousands of other people. I love
> >> having a system with the latest and greatest software but there are
> >> drawbacks. Just because a new version is released doesn't mean that it
> >> has less bugs than the old version. It could have a new bug that you
> >> missed, and then fucks up your server. Whereas someone using Red Hat
> >> 7.3 or 8.0 still gets the security updates but also has the security
> >> of knowing that their packages have been tested by thousands of
> >> people, and have a better chance of working properly than something
> >> that was released yesterday and is running in your production
> >> environment today.
> >>
> >> Jesse
