nanog mailing list archives
Re: AV/FW Adoption Studies
From: Niels Bakker <niels=nanog () bakker net>
Date: Fri, 11 Jun 2004 22:20:26 +0200
[unattributed wrote:]
Remember - every single 0-day that surfaces was something the black hats found first.
* Michael.Dillon () radianz com [Fri 11 Jun 2004, 12:29 CEST]:
And 0-day exploits are only the ones that the blackhats are willing to talk about. If they keep quiet about an exploit and only use it for industrial espionage and other electronic crimes then we are unlikely to hear about it until a whitehat stumbles across the blackhat's activities. Rather like the cuckoo's egg or the recent complex exploit involving IE and the MS Help tool.
This "black hat" vs. other shade "hats" is unnecessarily polarising. A security researcher may, during the normal course of his employment, find a security vulnerability. Not talking about it could be a commercial advantage (if she does security audits, the discovery could potentially be used to gain access to otherwise closed portions of a customer's network) and not necessarily a sign of an evil mind.
Have any of your customers ever asked you for a traffic audit report showing every IP address that has ever sourced traffic to them or received traffic from them?
Surely this would be for comparison against their own logs of what they sent and received and not because they aren't logging their own very important data traffic? -- Niels.
Current thread:
- Re: AV/FW Adoption Sudies, (continued)
- Re: AV/FW Adoption Sudies Paul G (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Steven M. Bellovin (Jun 10)
- Re: AV/FW Adoption Sudies Michael . Dillon (Jun 11)
- Re: AV/FW Adoption Studies Niels Bakker (Jun 11)