IDS mailing list archives
Re: Are sophisticated attacks just FUD?
From: "Drew Simonis" <simonis () myself com>
Date: Wed, 30 Jun 2004 08:55:25 -0500
I'm looking for statistical data showing how frequent sophisticated attacks and advanced tools are evolved and what there damage is to the corporate. If anyone knows of a research showing if this is FUD or a real problem, I'd love to prove him wrong (I'm willing to admit I'd be happy to have some new toys ;)
There's a catch 22 here. Sophisticated, advanced attacks such as you are interested in would most likely not take advantage of "known" attack patterns. Advanced tools would use undisclosed exploits. As such, most IDS would not detect the activity. Anomaly based IDS may, depending on the exploit vector, but would the analyst be savy enough to know what just happened? So, raw evidence is, by the nature of the attack, sparse. In addition, these sorts of attacks imply a more targeted, intelligent approach as compared to attacks of opportunity. The damages from this sort of activity are equally hard to enumerate since most targeted companies are hesitant to disclose the attack. Maybe we'll see this trend change, maybe not. In the mean time, I'd be suspicious of any abstract studies. -Ds --------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- Re: Are sophisticated attacks just FUD? Drew Simonis (Jun 30)
- <Possible follow-ups>
- Re: Are sophisticated attacks just FUD? Brian Lund (Jun 30)
- RE: Are sophisticated attacks just FUD? Keith T. Morgan (Jun 30)
- RE: Are sophisticated attacks just FUD? Angel Rivera (Jun 30)
- RE: Are sophisticated attacks just FUD? drbitbucket (Jul 01)
- RE: Are sophisticated attacks just FUD? Steve Hall (Jul 01)
- RE: Are sophisticated attacks just FUD? Joshua Berry (Jul 01)
- RE: Are sophisticated attacks just FUD? Chuck Herrin (Jul 04)
- RE: Are sophisticated attacks just FUD? Rob Shein (Jul 01)
- RE: Are sophisticated attacks just FUD? Runion Mark A FGA DOIM WEBMASTER(ctr) (Jul 04)
- Re: Are sophisticated attacks just FUD? Anton A. Chuvakin (Jul 09)