Re: [ISN] How Sharing Thwarts Hacks

From: InfoSec News (isnat_private)
Date: Wed Jan 15 2003 - 23:08:08 PST

    Forwarded from: H C <keydet89at_private>
    Cc: dennis_fisherat_private
    
    It occurs to me...no amount of information sharing will be effective
    until the information is actually used for some purpose.
    
    And to be honest, we already know how most of the compromises are
    taking place...via publicly known vulnerabilities, and publicly
    available exploits.  The only "secret" information is who (which orgs)
    is actually succumbing to the attacks.
    
    Case in point(s): The directory traversal exploit to IIS was known
    for a while, but was exploited by sadmind/IIS worm, and others.
    Machines are *still* falling to this exploit.  Microsoft, and others,
    have endorsed the common sense procedure of disabling unnecessary
    services, yet admins still fell to Code Red in record numbers...when
    simply disabling the ida/idq script mapping (which most of them
    weren't/aren't using anyway) would have protected them.
    
    The adage, "You can lead a horse to water but you can't make him
    drink" comes to mind.  Set up an encrypted version of iMesh or Kazaa
    or whatever you want to share files...the fact remains that security
    will remain the red-headed stepchild of IT, and will not receive the
    necessary resources (funding, time, personnel, etc).  Consulting firms
    will continue to dominate the landscape when it comes to security.
    
    
    --- InfoSec News <isnat_private> wrote:
    > http://www.eweek.com/article2/0,3959,825430,00.asp
    > 
    > By Dennis Fisher
    > January 13, 2003 
    > 
    > Two Harvard University security researchers have developed a model
    > showing that enterprises that share their sensitive data about
    > network attacks and security breaches are less attractive targets
    > and, hence, less likely to be attacked.
    > 
    > The paper, to be presented later this month at the Financial
    > Cryptography conference in Gosier, Guadeloupe, supports the U.S.  
    > government's contentions about the importance of sharing attack
    > data.  But it also concludes that many of the benefits that can
    > accrue from such an arrangement won't be realized soon.
    > 
    > "I absolutely believe that there's value in information sharing, and
    > I think that value will grow," said Stuart Schechter, a doctoral
    > candidate in computer science at Harvard, in Cambridge, Mass., and
    > co-author of the paper. "I think the change [toward information
    > sharing] will be driven by insurance companies, who will offer lower
    > premiums for companies that share."
    
    [...]
    
    
    
    -
    ISN is currently hosted by Attrition.org
    



    This archive was generated by hypermail 2b30 : Thu Jan 16 2003 - 01:12:20 PST