Subscribe to the Free Print Edition!
Celebrating 25 Years

GCN Home > 05/22/06 issue

R. Fink | The Packet Rat: A pestilence of patches refuses to wear thin

By R. Fink

Story Tools:

  • Purchase a Reprint
  • Link to this page
Sure, the Rat is paranoid. But given the sheer number of new potential attack vectors on his agency’s data security he finds out about every day, that paranoia is probably rational.

Take the first week of May, for example. In that week, it was announced that a “worst-case scenario” security bug had been detected in the X11 foundation of Unix and Linux graphical user interfaces; that the number of security flaws found in the Mac OS X platform have been growing exponentially over the past few years; and, oh, yes, that Microsoft was expected to ship yet another crop of “critical” security patches shortly.

Given how much fun the whiskered one and his crew had with the last batch of Window pains that Microsoft kicked out the door, the promise of yet another round of playing “Find the Failed Dependency in Your Architecture” set his heart aflutter.

When the advance notification of the fixes arrived, he started thinking about all the bad things that could happen once he applied the critical update to Exchange Server and Windows, and was forced to reboot affected machines—bad things like the servers deciding not to restart.

The current set of Windows servers on the Rat’s network—and yes, somehow there still are some—are beginning to age. And the cyberrodent still sobs when he thinks back to the post-Code-Red patch avalanche that caused two of his servers to reboot themselves to death. While he’s got his team doing a thorough walkthrough on a test bed, the Rat still has plenty of room for concern.

And even though the announced vulnerability in X11 has been fixed already—the problem was a single missing close-parenthesis, discovered by a scan of the source by Homeland Security Department contractor Coverity—the wirebiter has been kept up a few nights by the question of whether every Unix and Linux system on his network has gotten the fix.

Then there’s the Mac vulnerabilities, many of which (according to antivirus and security tool vendor McAfee, which might have a little bit of a conflict of interest here) are related to Apple’s iTunes platform. Apple made patches to its Safari browser and the Java distribution on OS X earlier this year. While the Rat isn’t overly worried about the Macs at the moment—based on his agency’s limited Mac population—he’s already beginning to assess what kind of risk the arrival of Intel-based Mac laptops on his network will bring once his few authorized Mac users start itching to upgrade.

“Just because I’m paranoid,” the Rat told his department head, “doesn’t mean that somebody isn’t out to get us. Maybe we could go back to pneumatic tubes for data exchange—at least we know we can secure them.”

“Or we could just tie handwritten, encrypted notes to the back of ferrets,” his boss replied. “Then you could spend your time making sure all the ferrets are fed.” The Rat briefly considered the needle-sharp teeth and rodent-unfriendliness of his boss’ proposed packet-haulers. “Okay, so Microsoft updates it is, then,” he blurted out. “There are some things more painful than patches, after all.”

The Packet Rat once managed networks but now spends his time ferreting out bad packets in cyberspace. E-mail him at rat@postnewsweektech.com.

More news on related topics: IT Security