Full Disclosure mailing list archives
Re: The 'good worm' from HP
From: Florian Weimer <fw () deneb enyo de>
Date: Fri, 20 Aug 2004 20:43:57 +0200
Stuff like counter-attacking has been discussed often,
This isn't necessary counter-attacking. Most operators of large, decentralized networks who have some say on what's running on the machines (e.g. operators of educational or corporate networks) follow some process that detects compromised machines based on anomalous network activity, takes care of malware removal, and tries to ensure that the machine has up-to-date patches. These processes could surely benefit from some automation. There are quite a few products in this area, but all which I've heard of so far completely lack integration with existing trouble ticketing frameworks, which make them rather pointless because you don't want to throw away your existing processes. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Windows Update, (continued)
- Re: Windows Update Michael Schaefer (Aug 23)
- Re: Windows Update Barry Fitzgerald (Aug 23)
- RE: Windows Update joe (Aug 24)
- Re: Windows Update Barry Fitzgerald (Aug 24)
- RE: Windows Update joe (Aug 23)
- Re: Windows Update ASB (Aug 23)
- Re: Windows Update David Vincent (Aug 23)
- Re: The 'good worm' from HP Florian Weimer (Aug 20)
- Re: The 'good worm' from HP Valdis . Kletnieks (Aug 20)
- Re: The 'good worm' from HP Maarten (Aug 20)
- Re: The 'good worm' from HP Nick FitzGerald (Aug 20)
- RE: The 'good worm' from HP fulldisclosure (Aug 21)
- Re: The 'good worm' from HP michael williamson (Aug 21)
- Re: The 'good worm' from HP Maarten (Aug 21)
- Re: The 'good worm' from HP michael williamson (Aug 21)