Full Disclosure mailing list archives
Re: AT&T early warning system
From: Hoho <hoho () tacomeat net>
Date: 18 Oct 2003 12:27:23 -0400
On Fri, 2003-10-17 at 22:44, jkm wrote:
Quote 2: "AT&T saw anomalies in its network three to four weeks before that worm hit and was able to take certain precautions. "When the worm actually happened, AT&T's network did not take a hit,'' Eslambolchi said."
Doesn't it seem like they're trying to violate causality? If the worm doesn't exist yet, then its associated traffic doesn't exist yet, hence there's nothing to detect. Wonder what those 'anomalies' were. Seems no more effective than just watching MS security patches and reading FD. -- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- AT&T early warning system jkm (Oct 17)
- Re: AT&T early warning system Jay Sulzberger (Oct 17)
- Re: AT&T early warning system jkm (Oct 17)
- Re: AT&T early warning system Hoho (Oct 18)
- Re: AT&T early warning system S G Masood (Oct 18)
- Re: AT&T early warning system jkm (Oct 19)
- RE: AT&T early warning system Steve Wray (Oct 18)
- RE: AT&T early warning system S G Masood (Oct 18)
- Re: AT&T early warning system Sascha Teifke (Oct 18)
- RE: AT&T early warning system Bruce Ediger (Oct 18)
- Re: AT&T early warning system S G Masood (Oct 18)
- Re: AT&T early warning system jkm (Oct 19)
- RE: AT&T early warning system Steve Wray (Oct 19)
- Re: AT&T early warning system Jimmy Alderson (Oct 22)
- Re: AT&T early warning system Jay Sulzberger (Oct 17)