Bugtraq mailing list archives
RE: getting rid of outbreaks and spam
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Fri, 6 Feb 2004 12:02:47 -0500
From Thor: ...It is only when we start diverting those resources away from reactive solutions,
such as antivirus that have not hindered any major virus outbreak but even created the far worse problem of AV notifications, and towards proactive appliances and proper risk management that we can minimize our risk and shorten our window of exposure to threats. I agree that MyDoom demonstrates all too clearly the inherent limitations of conventional antivirus technology, but you're still unfair to it. First, the vast majority of attacks don't spread as far and as fast as MyDoom, and by the time one is likely to encounter it the AV companies have protection available, so conscientious users can protect themselves. Surely this is beneficial when it works, which is very often. Second, do you actually know that AV technology has never prevented a major outbreak? That would likely be an outbreak we didn't hear about. Finally, AV companies didn't cause the infrastructure problems, like unauthenticated SMTP, that facilitate our worst attacks.
ISPs and peering points should seriously consider the development and implementation
of technologies that can unintrusively and anonymously detect threats and filter packets that meet certain risk criterias, before governmental agencies wake up and start addressing the issue by regulations and law that will inevitably limit their control of private property. Too bad that mass-market ISPs could never afford to do this given current pricing expectations. This kind of protection would require making Internet access much more expensive as a general rule. The political outcry would be far worse than any reaction to an attack such as we have just experienced. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ larryseltzer () ziffdavis com
Current thread:
- Re: getting rid of outbreaks and spam Thor Larholm (Feb 06)
- Re: getting rid of outbreaks and spam Dave Warren (Feb 06)
- RE: getting rid of outbreaks and spam Larry Seltzer (Feb 09)
- <Possible follow-ups>
- RE: getting rid of outbreaks and spam Randal, Phil (Feb 10)