Re: Mutating software could predict hacker attacks (Two messages)

[William Knowles <wk () c4i org>]

Forwarded from: Dave Close <dave () compata com>
 
> But now software engineers at Icosystem in Cambridge, Massachusetts,
> have developed a program that can predict what is coming next by
> "evolving" future hacker and virus attacks based on information from
> known ones.

Isn't it obvious to anyone besides me that any such tool would be just
as useful to malware writers as to good guys? In fact, aren't some of
the malware mutations just such minor modifications? But if a malware
writer could incorporate such technology in the malware itself, he'd
have a self-mutating virus and anti-virus software would be useless.

I trust Icosystem is being very careful, but even publicizing the idea
can have consequences. And I have no doubt that the code itself will
eventually become available to those who might want it.
-- 
       Dave Close, Compata, Costa Mesa CA       +1 714 434 7359
       dave () compata com              dhclose () alumni caltech edu
"No woman in my time will be Prime Minister." -- Margaret Thatcher, 1969


-=-


Forwarded from: cjlamb () camharris com

I don't know what kind of firewall they use, but I know that our Cisco
Velociraptor does more than protect against "known attacks."  Is this
a case of FUD or this a case of someone not really knowing what the
hell they're talking about or just trying to capitalize on ignorance
to sell their product?

Regards,
CJ Lamb



http://www.newscientist.com/news/news.jsp?id=ns99994588

25 January 04

Novel computer viruses and worms can sweep the world within hours,
leaving a trail of devastation, because firewalls and antiviral
software work by identifying the telltale signatures of known attacks.
They are useless against anything completely new.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.