Full Disclosure mailing list archives
RE: [sean () donelan com: Symantec detected Slamme r worm "hours" before]
From: "Sung J. Choe" <schoe () oicinc com>
Date: Thu, 13 Feb 2003 13:15:43 -1000
How can hundreds of thousands of smart people all focused on system administration, programming, and infosec keep missing the simplest of security flaws?
The same way that 100's of trained weapons inspectors in Iraq "know" that Saddam has weapons and yet keeps missing the weapons. .--------------------------------------------------. | Sung J. Choe <schoe[at]oicinc.com>, TICSA | | Systems Administrator, Facility Security Officer | .--------------------------------------------------.----. | Oceanic Imaging Consultants, Inc. | | Phone #: (808) 539-3634 x3634 | .-----------------------------------. 568D CAD6 53A0 92E6 4A2A 4E87 3BA0 5F90 37BB 8EE7
-----Original Message----- From: Jason Coombs [mailto:jasonc () science org] Sent: Thursday, February 13, 2003 9:00 AM To: Len Rose; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] [sean () donelan com: Symantec detected Slammer worm "hours" before] Whether or not DeepSight fielded a few nibbles from Sapphire before its first successful penetration occurred, one has to ask the question "who cares?" If DeepSight couldn't tell administrators that their boxes exposed a critical remote exploitable well-known buffer overflow vulnerability then what good is it? How can hundreds of thousands of smart people all focused on system administration, programming, and infosec keep missing the simplest of security flaws? http://enterprisesecurity.symantec.com/content.cfm?articleid=1 985&EID=0 "For example, the DeepSight Threat Management System discovered the Slammer worm hours before it began rapidly propagating. Symantec's DeepSight Threat Management System then delivered timely alerts and procedures, enabling administrators to protect against the attack before their environment was compromised." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Attachment:
schoe.vcf
Description:
Current thread:
- RE: [sean () donelan com: Symantec detected Slamme r worm "hours" before] Arjen De Landgraaf (Feb 13)
- <Possible follow-ups>
- RE: [sean () donelan com: Symantec detected Slamme r worm "hours" before] Sung J. Choe (Feb 13)