Information Security News mailing list archives
RE: MyDoom sparks talks of security's future (Three messages)
From: InfoSec News <isn () c4i org>
Date: Wed, 4 Feb 2004 03:52:06 -0600 (CST)
Forwarded from: Chad W. Didier <cdidier () cdsupportservices com> Why not quarantine individual computers or networks at the ISP level then redirect them to a proxy that does nothing but tell the users/admins their network is compromised and quarantined and will remain so until the problem is solved? The ISP could even offer an online virus scan as a possible means to clear up their machine and allow them access to the internet. All internet data funnels through an ISP at some point. If virus threats are as serious as the industry moans and groans about then how come we haven't seen serious attempts to quarantine infected individuals or entire networks thereby preventing continued spread of the virus and driving home the seriousness of that individual or organization's failure to protect their own systems. A doctor will quarantine a person or group if he believes them to be infectious with a serious illness. Why then are we not quarantining our digital selves? Obviously, the expectation that an individual or organization is going to do what is right and follow best practices isn't working. -=- Forwarded from: Kurt <kurtbuff () spro net> Ya know, someone could do the world a large favor if they actually wrote what a lot of people have speculated about - a MyDoom variant that spreads, but after some period of time formats the local hard drive. I'm no fan of viruses, nor especially of virus writers, but if someone did this, it would actually help reduce a lot of problems, including spam. -=- Forwarded from: "Henderson, Dennis K." <Dennis.Henderson () umb com> How about simply not allowing SMTP direct to the Internet? Geez, that's a no-cost solution for companies with firewalls.. Dennis -----Original Message----- From: William Knowles [mailto:wk () c4i org] Sent: Tuesday, February 03, 2004 5:50 AM To: isn () attrition org Subject: [ISN] MyDoom sparks talks of security's future http://news.com.com/2100-7349_3-5152165.html By Robert Lemos Staff Writer, CNET News.com February 2, 2004 The virus, which has combined many old attack techniques into a successful package, was hardly blunted by antivirus programs during the first few hours of its exponential spread. That's a problem, said Shlomo Touboul, CEO of security software maker Finjan Software. "The MyDoom attack should never have propagated so far into the Internet," he said. "It is obvious that we need another layer (of software) to protect during the first hours of attack." - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- RE: MyDoom sparks talks of security's future (Three messages) InfoSec News (Feb 04)