[AusNOG] FW: The worst thing about the exploit -- Have you done your part?

Noel Butler noel.butler at ausics.net
Mon Jul 28 18:11:59 EST 2008


On Mon, 2008-07-28 at 10:46, jay binks wrote:

> its probably quite easy to guess who, but is it worth a name & shame.
> A bit of bad publicity may get them patched :)


Not a bad idea Jay :)


> maybe a front page wingepool "story" on 1 month later, and these
> networks still have vulnerable DNS servers :)
> 


I wouldnt waste my time with whingepool, that wont get any real action
in these areas, not with the people concerned here, but Commsday and/or
AustralianIT stories certainly would.


> maybe thats just nasty. ( or asking for them to be exploited )
> but it may get some action.
> 


Nasty indeed, but given how nasty this problem is if they don't get off
their lazy asses and spend no more than 2 mins per machine to fix it, I
think it's worth it to get their attention

I also wouldn't just do them, I'd test all the well known services and
name and shame them all, not just target the two largest, because I can
tell you I've tested a couple of the small ones and they have had some
machines fail, but some pass  (perhaps distracted NOC staff?), but
either way, two weeks later, it really shows how outright lazy some of
the network operations staff are, and shows the contempt they have for
their customers, remember them? they are not hardly important to some,
after all they are only the ones really paying their salaries, Ok, sure
we all like to have a quiet time, chat, joke around and drink coffee,
but FFS, when there's work to be done, there is work to be done, are
they scared they will miss out on a couple cans of coke, or a couple
coffees if they have to do some work. .. *sigh*  I've  couldnt begin to
count the many cold coffees i've ended up over the years because
something serious needed immediate attention.

/end rant       :)

Cheers
Noel

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20080728/c4c9c955/attachment.html>


More information about the AusNOG mailing list