Dailydave mailing list archives
Re: How do I defend against 0day?
From: Lurene Grenier <pusscat () metasploit com>
Date: Tue, 21 Apr 2009 09:27:00 -0400
1) Switch to an open-source operating system and open-source applications. Create custom forks of each of my applications' source trees, and patch my forks against the 0day vulnerabilities I purchased. Don't share my patches with the outside world.
Why is an open source operating system necessary for the creation of patches? Maybe Dave is suggesting you take classes and look at canvas so that you gain an understanding of 0-day attacks, both in how to create them, and thus how to defend against them by learning what makes them feasible in the real world (through classes), and also by learning the state of the art of exploitation of modern operating systems (through canvas) Then with that understanding, and with the knowledge of what is cost effective to your enterprise (functionality vs. sensitivity of data) you can take reasonable steps to protect that enterprise. Without this knowledge though, you're effed. -- ~ Lurene _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- How do I defend against 0day? Jeffrey Czerniak (Apr 20)
- Re: How do I defend against 0day? Ron Gula (Apr 20)
- Message not available
- Re: How do I defend against 0day? Jeffrey Czerniak (Apr 20)
- Message not available
- Re: How do I defend against 0day? Jeffrey Czerniak (Apr 20)
- Re: How do I defend against 0day? Lurene Grenier (Apr 21)
- Re: How do I defend against 0day? Halvar Flake (Apr 21)
- Re: How do I defend against 0day? Jeffrey Czerniak (Apr 20)
- Re: How do I defend against 0day? Nate Lawson (Apr 20)
- Re: How do I defend against 0day? Nathan Landon (Apr 20)