Full Disclosure mailing list archives

Re: NiX API

From: Valdis.Kletnieks () vt edu
Date: Thu, 09 Jun 2011 11:33:59 -0400

On Thu, 09 Jun 2011 18:05:37 +0300, nix () myproxylists com said:

In most cases, the malicious user is denied access even before a
fraudulent purchase is made!

Since implementation of NiX API with it's current featuers: 0 fraudulent
purchases in last 2-3 weeks period. It definitely does something.


OK, I'll bite - how many *lost sales* did you have because NIX false-positived
and rejected a non-malicious user before a valid purchase was made?  Making
something that rejects *every* malicious attack is *easy* - just reject every
request.  Of course, that's not very practical for production use, so you end
up having to trade off false positives and negatives to minimize the total
cost...

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

NiX API nix (Jun 08)
- Re: NiX API phocean (Jun 08)
  - Re: NiX API mrx (Jun 08)
    - Re: NiX API nix (Jun 09)
    - Re: NiX API James Rankin (Jun 09)
    - Re: NiX API nix (Jun 09)
    - Re: NiX API Rove Monteux (Jun 10)
    - Re: NiX API Valdis . Kletnieks (Jun 09)
    - Re: NiX API nix (Jun 09)
    - Re: NiX API David Ford (Jun 09)
    - Re: NiX API mrx (Jun 09)
    - Re: NiX API nix (Jun 09)
    - Re: NiX API adam (Jun 09)
    - Re: NiX API jabea (Jun 09)
    - Re: NiX API nix (Jun 09)
    - Message not available
    - Message not available
    - Re: NiX API Aaron Turner (Jun 09)
    - Re: NiX API nix (Jun 09)
    - Re: NiX API Aaron Turner (Jun 09)

(Thread continues...)