The worst thing about the exploit -- Have you done your part?
Chris Buxton
cbuxton at menandmice.com
Sun Jul 27 19:41:15 UTC 2008
On Jul 26, 2008, at 9:46 AM, Stephane Bortzmeyer wrote:
> Local mailing lists, user groups, etc, are also a good way to reach
> people (a single post on the french-speaking Debian mailing list
> brought me a lot of questions "Is it real?" "Should I patch now,
> really now?" etc).
On the other hand, I posted about this on a hardened Linux mailing
list, and received only ridicule and scorn in return. A security
professional who claims over 3 decades of Internet experience led the
charge, calling me paranoid and an alarmist. He specifically claimed
that, since he doesn't operate a resolving name server (he uses his
ISP, who have not patched their name servers as of my last check), and
since his authoritative name servers are all PowerDNS, he has nothing
to worry about, so why was I bothering the list with this irrelevant
nonsense?
All to say, don't expect it to necessarily be easy to convince people
this is a real problem.
(I've had better experiences elsewhere. And all of my friends and
family whose ISP's are not updated are using opendns.com.)
Chris Buxton
Professional Services
Men & Mice
More information about the bind-users
mailing list