nanog mailing list archives

Re: AV/FW Adoption Studies


From: Michael.Dillon () radianz com
Date: Fri, 11 Jun 2004 11:27:02 +0100


More likely, the software actually leaks like a sieve, and NEITHER group
has even scratched the surface.

How many leaks did the OpenBSD team find when they proactively audited
their entire codebase for the first time a few years ago? This would
be an indication of just how leaky an O/S might be expected to be.

Remember - every single 0-day that surfaces was something the black hats
found first.

And 0-day exploits are only the ones that the blackhats are willing
to talk about. If they keep quiet about an exploit and only use
it for industrial espionage and other electronic crimes then
we are unlikely to hear about it until a whitehat stumbles across
the blackhat's activities. Rather like the cuckoo's egg or the
recent complex exploit involving IE and the MS Help tool.

Have any of your customers ever asked you for a traffic audit report
showing every IP address that has ever sourced traffic to them
or received traffic from them?

--Michael Dillon


