Dailydave mailing list archives
Re: Semi-anonymized moderation.
From: "Olef Anderson" <olef.anderson () gmail com>
Date: Mon, 28 Jan 2008 16:31:52 -0800
Again, small improvements are better than none.
This argument is NOT correct when the so called "improvements" steals time and money from an Enterprise. Going through IDS logs, configuring NIDS etc. are time and money consuming tasks that deliver little in return. There are actually far more rewarding things your IT security personal could do rather than shifting through immense amount of pointless IDS logs. How about auditing your webapps and third party applications ? Checking and deploying critical security fixes for the high risk environments etc etc This has been stated several times before but it won't hurt to say it again. Defending protocol parsers by writing more protocol parsers on top was the dumbest infosec idea ever concieved. And it amazes me that people making a living out of this, still trying to defend it with pointless than ever arguments. You lost the game, its time to change the game plan or to shut up. Let your sales drone do the evangelism. We are in 2008 and the art of hacking, REing, exploitation has evolved far beyond than your capabilities. Evolve or *die, simple as that ... -olef * I have always understood and agreed to the concept of companies making business on selling crap and people making a living on doing shit. I see that it is a necessary concept to keep the market economy going but I wouldn't take it as far as to defend it.
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Semi-anonymized moderation. Dave Aitel (Jan 28)
- Re: Semi-anonymized moderation. Kowsik (Jan 28)
- Re: Semi-anonymized moderation. Chris Rohlf (Jan 28)
- Re: Semi-anonymized moderation. Jon Oberheide (Jan 28)
- Re: Semi-anonymized moderation. Chris Rohlf (Jan 28)
- Re: Semi-anonymized moderation. Brian (Jan 28)
- Re: Semi-anonymized moderation. Mark Loveless (Jan 28)
- Re: Semi-anonymized moderation. Brian (Jan 28)
- Re: Semi-anonymized moderation. Lance M. Havok (Jan 28)
- Re: Semi-anonymized moderation. Olef Anderson (Jan 28)
- Re: Semi-anonymized moderation. Stephen John Smoogen (Jan 28)
- Re: Semi-anonymized moderation. Mark Loveless (Jan 28)
- Re: Semi-anonymized moderation. Kowsik (Jan 28)
- Re: Semi-anonymized moderation. Sec urity (Jan 28)