Linux kernel remote DoS, 20 mailing lists to read, best security training and insecure appliances
the sans isc reported on this:
two things i’d like to discuss are:
1. how many mailing lists do we have to read?
2. how real security training is done.
3. how this linux kernel vulnerability affects you where you may not even realize it.
on the first point – plenty. if you want to be in the security industry, read your favorite blog(s) or stay on 50 mailing lists reading a bunch of cesspool cr*p every day. that’s how it is.
that’s how real training in the security industry is done today. show me an alternative for building a wide range of knowledge, security-minded thinking and the right paranoia backed up by wisdom and tech-savvy, as well as for knowing the b/s from what’s real.
as to this linux kernel vulnerability… how many of us heard about it? mailing lists are not perfect. however, most of those who would update their machines have already done so by now.
what about the machines you can’t update and/or don’t know about?
how many third-party appliances such as application firewalls, i[dp]s systems and other such cr*p do you have on your network or worse – before it, ready to be exploited?
how many of these appliances run linux? how many of them run windows?
how many of them are secure enough to even have basic ports closed?
port scan them and find out.
when was the last time you received a vendor update for the machine itself?
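one way to run the port check suggested above against appliances you own, as an added example that is not part of the original post: it compares what answers on tcp against a per-appliance allowlist of ports you expect to be open. the candidate port list, the inventory format and the function names are assumptions made for the illustration, and the demo uses a listener on localhost as a stand-in appliance so it runs offline.

```python
import socket

# Ports worth checking on an appliance (constructed list, adjust to your estate).
CANDIDATE_PORTS = [21, 22, 23, 80, 111, 161, 443, 3389, 8080, 8443]

def is_open(host, port, timeout=1.0):
    """Return True if a full TCP connect to host:port succeeds."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0

def audit(inventory, ports=CANDIDATE_PORTS, timeout=1.0):
    """inventory maps host -> set of ports you expect to be open on it.
    Returns host -> sorted list of open ports that are NOT on that allowlist."""
    findings = {}
    for host, expected in inventory.items():
        unexpected = [p for p in ports
                      if p not in expected and is_open(host, p, timeout)]
        if unexpected:
            findings[host] = sorted(unexpected)
    return findings

def demo():
    # Stand-in "appliance": a local listener, so nothing leaves this machine.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    try:
        # Same open port, once on the allowlist and once not.
        documented = audit({"127.0.0.1": {port}}, ports=[port])
        undocumented = audit({"127.0.0.1": set()}, ports=[port])
    finally:
        srv.close()
    return port, documented, undocumented

if __name__ == "__main__":
    port, documented, undocumented = demo()
    print("open and allowlisted ->", documented)
    print("open and not allowlisted ->", undocumented)
```

anything in the findings is a port the appliance exposes that you did not expect, which is the question to take back to the vendor.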
i’d start worrying if i were you. not everything is a dos, and a dos from the entry to your network by one of your own machines is kind of bad, although solvable once you realize what causes it.