On Fri, 07 Apr 2000 13:07:29 EDT, Stephen Kent said:
> but the gray area we're discussing does bother me. If one cares
> about knowing where the data originated, and that it has not been
> altered, then one needs to make use of the tools provided to address
> that concern. if one doesn't use the tools, then one does not care
> very much, and the results may be surprising :-).
The sad part is that in this day and age, we had to publish the SANS
DDOS Roadmap, which suggested that things would be a lot better if sites
installed the patches and did ingress/egress filtering.
I suspect that there is a *very large* portion of the Internet community that
does "care very much" (or at least enough to worry a little bit), but is
too new/clueless/whatever to properly find/install/configure the tools.
I encounter a lot of sites that install spam filters and firewalls because
they ARE concerned about spam, hackers, etc. Unfortunately, a lot of them
Get It Very Wrong, and do stuff like bounce SMTP 'MAIL FROM:<>', or Do The
Wrong Thing with NTP traffic, etc etc.
I have to conclude that there's a lot of sites that *do* care very much, but
are lacking the technical expertise to use the tools.
Remember: There's 4 million .coms. There's not 4 million experienced sysadmins.
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech