Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Why I should have the right to kill a malicious process on your machine

From: InfoSec News <isn () c4i org>
Date: Mon, 20 Jan 2003 02:57:49 -0600 (CST)
Forwarded from: "Bill Scherr IV, GSEC, GCIA" <bschnzl () bigfoot com>

See DIB:S

http://www.ists.dartmouth.edu/IRIA/projects/dibs/

It reports.  It does not send anything to the offending source!  Give
it a chance before we go spreading more "attacks" across the internet.

My $0.02

On 18 Jan 2003 at 3:26, InfoSec News wrote:


Right- my problem here is the reaction time frame- Let's say we've
got all of our neutralizing bots deployed world-wide; when SlapperII
hits, we've got to get all the IR and code guys on it pronto so they
can present vector and neutralization options.  We've got to get the
standards body to make an informed decision on if/how to apply
neutralization measures, and then deploy the updates to the field
units.  Case-by-case ISP analysis won't cut it.  They'll be flooded
before they can get a single phone call off...

But, that is still something to consider.


 



Bill Scherr IV, GSEC, GCIA
EWA / Information & Infrastructure Technologies
National Guard Regional Technology Center / Norwich Campus
Northfield, VT  05663
802-485-1962



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: