Re: idea

[RandallM <randallm () fidmail com>]

Unless I am not understanding (because I am reading it now) it still does
not give the solution of access when a machine is compromised. Hence what
Ben, Alex and I are examining, obfuscation to the sites with access to the
tools to clean them. Compromised machines cannot "get" to anything due to
DNS changes and re-directions from malicious servers.

Now, I have yet read the full report.



On Sat, Jan 3, 2009 at 3:16 PM, Paul Ferguson <fergdawgster () gmail com>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Sat, Jan 3, 2009 at 12:39 PM, Tomas L. Byrnes <tomb () byrneit net> wrote:
>
> > The concept of distributed/cloudAV has been worked on by the University
> > of Michigan crew that did the fundamental work that led to Arbor
> > Networks:
> >
> > http://www.eecs.umich.edu/fjgroup/cloudav/
> >
> > It's similar in detection concept to Sunbelt's new product in that it
> > uses multiple engines, and to the current discussion in that it is a
> > distributed system.
>
> Admittedly, this is also something we (Trend Micro) started working on a
> couple of years ago, especially the "distributed protection" components in
> "the cloud" -- we were one of the first to deploy. Not meant to be a
> marketing point, but FYI:
>
> http://itw.trendmicro.com/smart-protection-network/
>
> - - ferg
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
>
> wj8DBQFJX9Wtq1pz9mNUZTMRAtOsAKDBeP3hjL4FamsSa8hYk12VGK4b5ACfbHtI
> mnwe4gv7legTAqijw8rHkTU=
> =G5hH
> -----END PGP SIGNATURE-----
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawgster(at)gmail.com
>  ferg's tech blog: http://fergdawg.blogspot.com/



-- 
been great, thanks
Big R a.k.a System

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.