[ISN] Cashing in on Vaporware

From: InfoSec News (isnat_private)
Date: Sat Apr 21 2001 - 00:04:59 PDT

    http://www.attrition.org/security/rant/z/jericho.007.html
    
    Cashing in on Vaporware
    Thu Apr 19 09:17:21 MDT 2001
    Jericho
    
    "The CERT Coordination Center is a center of Internet security
    expertise", and they have a new product to sell you. Only it isn't
    really new - and it was never a stellar product to begin with.
    
    For years, CERT has been a federally funded group handling incident
    response, vulnerability analysis and published security alerts. They
    are perhaps the most well known for their advisories which enjoy a
    wide distribution.
    
    The Product: Advisories
    
    Many in the security community dismiss the CERT advisories as either
    old news or too vague to be of any practical use. The two major faults
    continually seen in their work are tardiness and complete lack of
    detail.
    
    CERT advisories often come weeks or months after the information has
    been made public in other forums such as Bugtraq or mainstream news
    outlets. For those in the security field who keep an eye on both sides
    of the fence, the notion that CERT provides useful information is a
    bigger joke. There have been many cases where vulnerabilities with
    working exploit code circulated in both underground and public
    security circles for months (in a few cases, years) before CERT
    responded with an advisory. This was seen with various Solaris RPC
    exploits, multivendor POP/IMAP exploits, and more recently with WU-FTP
    exploits. While some hackers are abusing these vulnerabilities and
    compromising a wide variety of hosts, CERT is often not aware of the
    vulnerability until they begin to correlate incident reports.
    
    [...]
    
    ISN is hosted by SecurityFocus.com
    


