On Fri, 07 Apr 2000 13:07:29 EDT, Stephen Kent said:
> but the gray area we're discussing does bother me.  If one cares 
> about knowing where the data originated, and that it has not been 
> altered, then one needs to make use of the tools provided to address 
> that concern.  if one doesn't use the tools, then one does not care 
> very much, and the results may be surprising :-).

The sad part is that in this day and age, we had to publish the SANS
DDOS Roadmap, which suggested that things would be a lot better if sites
installed the patches and did ingress/egress filtering.

I suspect that there is a *very large* portion of the Internet community that
does "care very much" (or at least enough to worry a little bit), but is
too new/clueless/whatever to properly find/install/configure the tools.

I encounter a lot of sites that install spam filters and firewalls because
they ARE concerned about spam, hackers, etc.  Unfortunately, a lot of them
Get It Very Wrong, and do stuff like bounce SMTP 'MAIL FROM:<>', or Do The
Wrong Thing with NTP traffic, etc etc.

I have to conclude that there's a lot of sites that *do* care very much, but
are lacking the technical expertise to use the tools.

Remember: There's 4 million .coms.  There's not 4 million experienced sysadmins.

                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

Reply via email to