Dailydave mailing list archives
Port 445, BB-style security news services,
From: Dave Aitel <dave () immunitysec com>
Date: Fri, 24 Jun 2005 11:50:49 -0400
http://www.eweek.com/article2/0,1759,1830698,00.asp Ok. I had to forward this. Because it made us laugh out loud here at Immunity HQ, and I figured it might give a few of you giggles too. Normally I don't just repost news articles, but this one is more of a spoof on a news article than an actual news article itself. "An ominous increase in sniffing activity on TCP Port 445 could signal an impending mass malicious code attack targeting a recently patched Microsoft vulnerability, according to a warning from security researchers." "Port scanning is an activity that may be indicative of an attempt to discover attack vectors against any vendor product and is not an activity unique to Microsoft products," she added. She said software engineers at Redmond would continue to analyze and monitor for any malicious activity but stressed that she was not aware of any customers being attacked via sniffing against TCP Port 445 and have not received any indication of malicious activity associated with MS05-027. "John Pescatore, VP of security research at Gartner Inc., said the reports of increased sniffing on Port 445 are a "serious concern for enterprise security managers" because such activity usually means a mass attack is imminent." This is the sort of article that could be autogenerated Bloomberg-style. A couple weeks ago Justine was looking into Immunity developing a Boomberg-like device for security specific news. Something marketed towards Stephen Scharf (the current CSO of BB) and people like him who don't have time to go click everywhere to learn what they need. Plus, scrollies look cool. I think the idea was to do it as a Buzzword-compliant JNXA web application that was distributed as a portable touchscreen device, hooked into Verizon's EDGE network so you wouldn't have to configure it at all or hook it up to your network. Ideally there'd be modules for various channels - things like IRC where you could connect all the Financial CSO's together and have them discuss their ongoing issues, if an emergency pops up. And of course, the ongoing news of the security world, sorted automatically by an automated filter. We might still do it since I think we could beat AT&T at the game handily, although I don't think articles like the above one would make it through the filter. :> -dave _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Port 445, BB-style security news services, Dave Aitel (Jun 24)
- RE: Port 445, BB-style security news services, Edward Ray (Jun 25)
- Re: Port 445, BB-style security news services, Steve Lord (Jun 25)
- RE: Port 445, BB-style security news services, Edward Ray (Jun 25)