Re: [ISN] Alert System Sought for Internet Attacks

From: InfoSec News (isnat_private)
Date: Mon Oct 29 2001 - 00:48:43 PST

  • Next message: InfoSec News: "[ISN] Microsoft hackers reached key programmes"

    Forwarded from: security curmudgeon <jerichoat_private>
    cc: Ariana Cha <chaaat_private>
    
    the other problem with this..
    
    companies that do something like this want to charge, and often too
    much (ie: iDefense), especially for an inferior service. others do it
    and provide too much info, so weeding out the noise is difficult (ie:
    bugtraq list for most admins). others simply don't give you enough
    information (ie: CERT), and all it takes is a single missed advisory
    and your organization is in trouble. others will give you Windows bug
    info, but not Solaris or HP.. making life hell on those working in
    mixed environments.
    
    the solution then is to create a check list type system. you pick what
    types of alerts you want to receive. solaris, check. windows, check.
    DNS, check. web browsing, check. worms, check.
    
    but who classifies these attacks? who determines what is a
    vulnerability or just a 'passing concern'? who warns you that the
    patch for the latest windows vulnerability will break previous patches
    and re-open you to other vulnerabilities.
    
    all in all, the solution i mention above has been tried and met with
    limited success at best. it costs too much to maintain a system like
    that and to keep staff around that can focus on such a task.
    
    based on previous attempts and a quick review of the situation, this
    is along the lines of asking the vendors to adhere to rigid secure
    coding practices.
    
    ---------- Forwarded message ----------
    From: InfoSec News <isnat_private>
    X-Sender: isnat_private
    To: isnat_private
    Date: Fri, 26 Oct 2001 04:55:06 -0500 (CDT)
    Subject: [ISN] Alert System Sought for Internet Attacks 
    
    http://www.washtech.com/news/regulation/13352-1.html
    
    By Ariana Eunjung Cha,
    Washington Post Staff Writer
    Thursday, October 25, 2001; 7:31 AM
    
    OAKLAND, Calif., Oct. 23 News of cyberattacks, viruses and hoaxes
    often spreads through the computer security world in the same
    haphazard way as gossip. Jonathan Disher, who oversees the security
    network for Internet Pictures Corp., for instance, gets his
    information from several Web sites, two e-mail lists, pages and phone
    messages.
    
    So far, he said his informal system has worked okay. But since Sept.
    11, Disher has been worried about how such a system would hold up
    under aggressive, targeted strikes by terrorist groups.
    
    "While we're not completely caught with our pants down, we're not as
    prepared as we should be," he said.
    
    Creating a "first alert" system for problems on the Internet has
    become a priority in recent weeks as the government has warned of
    possible attacks on the high-tech infrastructure. Richard A. Clarke,
    the adviser for cyber-security in the newly created Office of Homeland
    Security, has encouraged companies to create industry-specific
    information dissemination centers.
    
    [...]
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Oct 29 2001 - 07:03:44 PST