From owner-freebsd-security  Fri Jan 21 16:34:44 2000
Delivered-To: freebsd-security@freebsd.org
Received: from orion.ac.hmc.edu (Orion.AC.HMC.Edu [134.173.32.20])
	by hub.freebsd.org (Postfix) with ESMTP id 4BEBE156C2
	for <freebsd-security@FreeBSD.ORG>; Fri, 21 Jan 2000 16:34:42 -0800 (PST)
	(envelope-from brdavis@orion.ac.hmc.edu)
Received: (from brdavis@localhost)
	by orion.ac.hmc.edu (8.8.8/8.8.8) id QAA09410;
	Fri, 21 Jan 2000 16:34:24 -0800 (PST)
Date: Fri, 21 Jan 2000 16:34:24 -0800
From: Brooks Davis <brooks@one-eyed-alien.net>
To: Matthew Dillon <dillon@apollo.backplane.com>
Cc: Brad Guillory <round@baileylink.net>,
	freebsd-security@FreeBSD.ORG
Subject: Re: Some observations on stream.c and streamnt.c
Message-ID: <20000121163424.C23771@orion.ac.hmc.edu>
References: <Pine.BSF.4.10.10001211649440.4460-100000@tetron02.tetronsoftware.com> <200001212258.OAA64329@apollo.backplane.com> <20000121171759.D56672@baileylink.net> <200001212349.PAA64869@apollo.backplane.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0pre4i
In-Reply-To: <200001212349.PAA64869@apollo.backplane.com>; from dillon@apollo.backplane.com on Fri, Jan 21, 2000 at 03:49:49PM -0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Jan 21, 2000 at 03:49:49PM -0800, Matthew Dillon wrote:
> Universities and ISPs generally have rampant compromised machines and some 
> of these, such as MIT, have hundreds of megabits of bandwidth to the 
> internet.  These are often the source of high-bandwidth attacks (not
> perpetrated by students so much as perpetrated by IRC weenies who have
> compromised the machines).

Speaking from the University perspective, I'm actually supprised by how
few boxes we've had hacked (and found out about).  The number of
unmodified RedHat 5.1 (containing at least 4 remote root exploits of the
top of my head) boxes out there is scarry.  Far to many students see
Linux as the "cool" OS so they install it, not realizing that you have
to keep up with the patches.  I've been suggesting daily nessus
scans to "encourage" students to upgrade, but that management types
don't like the idea of toasting most of the student boxes on a daily
basis.  How strange. ;-)

-- Brooks

-- 
"They that can give up essential liberty to purchase a little temporary
safety, deserve neither liberty nor safety." -- Benjamin Franklin.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message