Forwarded from: McDonald Patrick <mcdonald_patrickat_private>

I have to respectfully disagree with Chris Wysopal.

<snip>
"Chris Wysopal, director of research and development for security company @Stake, argued that an early warning can sometimes actually hurt security, tipping off malicious attackers to the vulnerability."
<snip>

Does early warning help script kiddies? Most definitely. However, it also helps admins protect their systems against these attacks. A script kiddie can't use an exploit that an admin has prepared against. Thus the exploit is useless against an informed admin.

We can see this with w00w00's most recent advisory. w00w00's advisory did provide script kiddies with a new weapon (the exploit code); however, they also provided protection against it (AIM filter and restricting incoming requests). How many of us downloaded AIM filter the moment we verified the advisory? Every person who loaded AIM filter was one less target for the newly armed script kiddies.

Pat

As an afterthought, does anyone else find it interesting that Microsoft .Net (secure Internet lol) already has its own virus (see ISN's post titled "Virus writers take an early crack at .Net")? Microsoft failing the security test, they haven't even bothered to show up.

-----Original Message-----
From: owner-isnat_private [mailto:owner-isnat_private]On Behalf Of InfoSec News
Sent: Friday, January 11, 2002 10:47 AM
To: isnat_private
Subject: [ISN] Microsoft failing security test?

http://www.zdnet.com/zdnn/stories/news/0,4586,5101593,00.html?chkpt=zdhpnews01

By Robert Lemos
Special to ZDNet News
January 11, 2002 4:38 AM PT

Microsoft's security initiatives and the release of the company's "most secure operating system yet" haven't quashed myriad holes that security experts say put customers in harm's way.

Although the software titan has been touting the need for security through its Secure Windows Initiative, the recent revelation of a severe flaw in the company's flagship Windows XP operating system--combined with the discoveries of several recent Internet Explorer browser holes--has left security experts questioning whether Microsoft can fully lock down its products.

[...]

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.

This archive was generated by hypermail 2b30 : Mon Jan 14 2002 - 07:01:24 PST