[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
worm warning?
I think that we should send something like the following to
ietf-announce. I'm especially interested in the first paragraph.
(If anyone wants to wordsmith it, feel free; I'll be offline most of
Monday and Tuesday, and won't be able to respond.)
Worm Warning
If you use a Windows laptop, please make sure that it has the full set
of security patches. Additionally, *please* scan it to be sure that
it's not currently infected -- the wireless net at NANOG was more or
less non-functional the first morning because of aggressive scanning
activity by infected machines.
Also remember that neither wireless nor wired networks are at all
secure. Please use appropriate cryptographic mechanisms for any
sensitive traffic, including (of course) email passwords. There has
been "black hat" malicious activity from within the IETF net in the past,
including session hijacking.
--Steve Bellovin, http://www.research.att.com/~smb