funsec mailing list archives
Re: idea
From: RandallM <randallm () fidmail com>
Date: Fri, 2 Jan 2009 11:16:56 -0600
------------------------------ Message: 4 Date: Thu, 1 Jan 2009 16:26:19 -0800 (PST) From: Todd Parker <kitsune () sbcglobal net> Subject: Re: [funsec] idea To: funsec () linuxbox org Message-ID: <125717.99715.qm () web83106 mail mud yahoo com> Content-Type: text/plain; charset="iso-8859-1" From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca> From:? ? ? ? ? ??? RandallM <randallm () fidmail com>Thought: Why can't we using the same type of process provide access to programsandor sites in the same manor so that the malware infections cannot "block" because the sites are not permanant?Additional thought:Symantec is and always will be "www.symantec.com", as with other sites.Low tech addition: How about collecting and publishing a list of helpfulIPaddresses, so that even if the hosts file or DNS is messed with some helpmightstill be available?Except that many sites, including Symantic are inconsistent with their usage of links within their site. In context, look at the source for this company's front page, and find the link for downloads. FQDN instead of a local reference. User is blocked again. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://linuxbox.org/pipermail/funsec/attachments/20090101/ebf4a462/attachment-0001.htm ------------------------------
Grandpa Rob is correct. Why not? What we have to come together on is it's not going to take a few but "MANY" of the "whiteHats" and AV companies to work together. I hear over and over again, the bad guys are winning. I am no one of importance but there are many on this list with the contacts to put something together like this. From the responces I read many "see" the idea. 1. Is there no funds for Akamai? Subscriptions? Contributions? 2. Are there no voluntary company's or organization to help in the collecting and publishing of IP's? 3. Mike Preston made mention of "distributed directory with metadata? He also mentioned "fast-flux". I had a similar thought with this just could not put it together in my mind. I don't know what the method is but there has to be one better then what we have. It's easy to say "harden" but the user and OEM''s don't do it now and haven't. Besides to much controversy with this and what the average user can handle. -- been great, thanks Big R aka RandallM
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: idea, (continued)
- Re: idea Rich Kulawiec (Jan 04)
- Re: idea nick hatch (Jan 04)
- Re: idea Ben (Jan 04)
- Re: idea der Mouse (Jan 04)
- Re: idea Remo Cornali (Jan 04)
- Re: idea rackow (Jan 04)