[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <408F2096.9030003@onryou.com>
From: lists2 at onryou.com (Cael Abal)
Subject: AW: no more public exploits
Baum, Stefan wrote:
> IMHO, no sysadmin taking his work seriously, will wait patching the systems
> until an exploit is available throughout the internet.
>
> Stefan
> (I AM A SYSADMIN)
Cripes, this is the thread that never ends.
What if there were two patches fixing vulnerabilities of equal severity,
one with a known, published exploit and one without? Would you give one
priority (considering that rolling out a patch involves significant
testing)? You do perform regression testing, right?
What if you were juggling a slew of very high priority tasks and a patch
was made available? Would you drop everything (including those mission
critical jobs your boss' boss asked you to handle by days end) in order
to push that patch out the door immediately?
Part of being a good sysadmin (really, being a good /anything/) involves
being able to perform on-the-fly cost/benefit analyses. Realistically,
the lack of a widespread published exploit means an attack on any given
machine is less likely. An admin who chooses to ignore these
probabilities isn't looking at their job with the right perspective.
Take care,
Cael
Powered by blists - more mailing lists