(Unless this post is sarcastic...)Quote:
Originally posted here by ommy
ummm...yes I agree...I think its just a media hype....system administrators are wise enough to make installl patches....
i dunno ....may be some commercial benefits behind this hype...
Humm... no.
Systems adminstrators (or at least many if not most) have proven themselves times and times again to not be wise enough to patch. Just look at what happened with the Slammer worm. The patch for this bug was availible 6 months before it happend. And keep in mind that slammer only affected SQL Servers (and MSDE). In the "inevitably upcoming" worm, the RPC buffer overflow is present on ALL Windows (any unpatched version from 95 to server2003 and xp) boxes (!); This makes it even worst since not many home users are security consious enough to fetch and install the patch: this is why media attention is required to raise home user awareness.
My personal feeling on this is that we're gonna have ourselves one hell of a mess on our hands pretty soon. I think/hope that rather than wait for something to happen, ISPs and backbone providers, university netowrks, etc. will at least have ACLs ready (filter port 135) at hand when things go awry. Not a solution, but it'll probably the best way to slow down progression once it gets going.
Ammo
