[EMAIL PROTECTED] writes:
> The one thing that bothers me about this is that the vulnerability that
> they are exploiting was patched almost two months ago. The day that the
> vulnerability was announced, there was an easy fix: upgrade BIND to
> 8.2.3-REL. I did 5 servers in under an hour, and with no interruption to
my
> users or to the public sites.
Linux is the fastest growing OS on the planet, & indeed in the history of
the human race. Most Linux users are:
1) Not sysadmins.
2) Not familiar with security (What OS do they usually use, remember?).
3) Not connected to the internet in many cases.
4) Not on the security mailing lists. Often not on *any* mailing list.
> Not having time just doesn't fly here. I
> can't imagine that there is anyone out there in a sysadmin or security
role
> that doesn't know about the vulnerability.
Not having time to learn that the problem exists counts.
As big a mouth for Linux that I am, my employer does not pay me to be a
Linux sysadmin. I do that as part of my volunteer advocacy, on my own time.
I know about the vulnerability, but I wasn't able to update my servers that
fast,
because I first checked what all needed to be done.
I needed a while to do this, because I can't devote enough time to Linux.
I also have to spend some of the Linux time I make to learning other aspects.
And I spend quite a bit of my time on Linux. Most Linux people don't have
that much time to spend.
Bob Sparks
Linux mouth
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
