On Thu, 23 Oct 2008 21:50:23 EDT, Erik Harrison said:

> seriously, why is this even a conversation? patch. it's important. you
> know why. the devil's advocate angle really isn't something anyone
> dealing with deploying this patch to reams of systems wants to hear
> right now.
The devil's advocate angle is something that some of us really *do* want to deal with. If I'm about to push an "emergency" patch out to 30,000 desktops, I *really* want to know *exactly* how big my actual attack surface really is, so I can make an informed decision whether I should be pushing it out to all 30K the instant I get it, or push it out immediately to the 10K hosts that don't have mitigating factors X, Y, or Z in place, or let my internal regression testing have another 24/48/weekend.

If Larry's machine is in fact suitably firewalled, he has the services turned off, and he trusts any other machines on the "inside" of the firewalled net, what *is* his attack surface? For starters, where's the attack going to come *from*?

(And I *wish* I was deciding whether to push it out to 30K desktops. Instead, I have 30,000 academia users, most of them laptops coming and going several times a day. It's like herding frikking cats. ;)
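The exposure-based triage the reply argues for, written out as a small Python script. This is an added illustration, not code from the thread or from anyone on the list. The three mitigating factors (vulnerable service switched off, inbound port blocked by a firewall, host never leaves the trusted internal network) are assumptions standing in for the "X, Y, or Z" in the message, and the inventory is constructed, not real machines.

```python
"""Exposure-based patch triage (added illustration, not from the thread).

Assumed mitigating factors, standing in for the message's "X, Y, or Z":
  - the vulnerable service is switched off,
  - a host or edge firewall blocks inbound traffic to that service,
  - the host only ever sits on a trusted internal network (never roams).
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Host:
    name: str
    service_enabled: bool   # is the vulnerable service listening at all?
    inbound_blocked: bool   # does a firewall block the service's port inbound?
    roams: bool             # does the machine join untrusted networks (laptops)?


def exposure(h: Host) -> str:
    """Classify how reachable the vulnerable service is from an attacker's vantage point."""
    if not h.service_enabled:
        return "none"       # nothing listening: zero attack surface for this bug
    if h.inbound_blocked and not h.roams:
        return "low"        # reachable only from trusted peers behind the firewall
    if h.inbound_blocked and h.roams:
        return "medium"     # firewall helps, but the host visits untrusted networks
    return "high"           # service listening and reachable from wherever it sits


# Deployment waves: the higher-exposure tiers go out the instant the patch
# arrives; the rest wait for the internal regression run.
WAVE_FOR = {
    "high": "push-now",
    "medium": "push-now",
    "low": "after-regression",
    "none": "after-regression",
}


def triage(hosts):
    """Group hosts by deployment wave, preserving inventory order within a wave."""
    waves = {"push-now": [], "after-regression": []}
    for h in hosts:
        waves[WAVE_FOR[exposure(h)]].append(h.name)
    return waves


# Constructed inventory for the example; not real machines.
SAMPLE_HOSTS = [
    Host("lab-desktop-01", service_enabled=True, inbound_blocked=False, roams=False),
    Host("fw-desktop-03", service_enabled=False, inbound_blocked=True, roams=False),
    Host("student-laptop-07", service_enabled=True, inbound_blocked=True, roams=True),
    Host("fileserver-02", service_enabled=True, inbound_blocked=True, roams=False),
]

if __name__ == "__main__":
    for wave, names in triage(SAMPLE_HOSTS).items():
        print(f"{wave}: {', '.join(names)}")
```

The roaming laptop lands in the first wave even though it has a host firewall, because the "trusted inside" assumption does not hold for a machine that comes and goes; a firewalled desktop that never leaves the internal net can wait for regression testing.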
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
