Re: Semi-anonymized moderation.

["Olef Anderson" <olef.anderson () gmail com>]

Again, small improvements are better than none.
>

This argument is NOT correct when the so called "improvements" steals time
and money from an Enterprise. Going through IDS logs, configuring NIDS etc.
are time and money consuming tasks that deliver little in return. There are
actually far more rewarding things your IT security personal could do rather
than shifting through immense amount of pointless IDS logs. How about
auditing your webapps and third party applications ? Checking and deploying
critical security fixes for the high risk environments etc etc

This has been stated several times before but it won't hurt to say it again.
Defending protocol parsers by writing more protocol parsers on top was the
dumbest infosec idea ever concieved. And it amazes me that people making a
living out of this, still trying to defend it with pointless than ever
arguments. You lost the game, its time to change the game plan or to shut
up. Let your sales drone do the evangelism. We are in 2008 and the art of
hacking, REing, exploitation has evolved far beyond than your capabilities.
Evolve or *die, simple as that ...

-olef

* I have always understood and agreed to the concept of companies making
business on selling crap and people making a living on doing shit. I see
that it is a necessary concept to keep the market economy going but I
wouldn't take it as far as to defend it.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave