forgive my frustration from that day. when you have an unfortunately massive attack surface, most of which you don't control or need to jump through 3 weeks' worth of notification-related hurdles to impose upon.. then the devil's advocate angle was less intellectually stimulating :D

On Wed, Oct 29, 2008 at 10:56 PM, <[EMAIL PROTECTED]> wrote:
> On Thu, 23 Oct 2008 21:50:23 EDT, Erik Harrison said:
>> seriously, why is this even a conversation? patch. it's important. you
>> know why. the devil's advocate angle really isn't something anyone
>> dealing with deploying this patch to reams of systems wants to hear
>> right now.
>
> The devil's advocate angle is something that some of us really *do* want to
> deal with. If I'm about to push an "emergency" patch out to 30,000 desktops, I
> *really* want to know *exactly* how big my actual attack surface really is, so
> I can make an informed decision whether I should be pushing it out to all 30K
> the instant I get it, or push it out immediately to the 10K hosts that don't
> have mitigating factors X, Y, or Z in place, or let my internal regression
> testing have another 24/48/weekend.
>
> If Larry's machine is in fact suitably firewalled, he has the services turned
> off, and he trusts any other machines on the "inside" of the firewalled net,
> what *is* his attack surface? For starters, where's the attack going to come
> *from*?
>
> (And I *wish* I was deciding whether to push it out to 30K desktops. Instead,
> I have 30,000 academia users, most of them laptops coming and going several
> times a day. It's like herding frikking cats. ;)
>
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
