Forwarded from: H C <keydet89at_private>
Cc: dennis_fisherat_private

It occurs to me...no amount of information sharing will be effective until the information is actually used for some purpose. And to be honest, we already know how most of the compromises are taking place...via publicly known vulnerabilities, and publicly available exploits. The only "secret" information is who (which orgs) is actually succumbing to the attacks.

Case in point(s):

The directory traversal exploit to IIS was known for a while, but was exploited by sadmin/IIS worm, and others. Machines are *still* falling to this exploit.

Microsoft, and others, have endorsed the common sense procedure of disabling unnecessary services, yet admins still fell to Code Red in record numbers...when simply disabling the ida/idq script mapping (which most of them weren't/aren't using anyway) would have protected them.

The adage, "You can lead a horse to water but you can't make him drink" comes to mind. Set up an encrypted version of iMesh or Kazaa or whatever you want to share files...the fact remains that security will remain the red-headed stepchild of IT, and will not receive the necessary resources (funding, time, personnel, etc). Consulting firms will continue to dominate the landscape when it comes to security.

--- InfoSec News <isnat_private> wrote:
> http://www.eweek.com/article2/0,3959,825430,00.asp
>
> By Dennis Fisher
> January 13, 2003
>
> Two Harvard University security researchers have developed a model
> showing that enterprises that share their sensitive data about
> network attacks and security breaches are less attractive targets
> and, hence, less likely to be attacked.
>
> The paper, to be presented later this month at the Financial
> Cryptography conference in Gosier, Guadeloupe, supports the U.S.
> government's contentions about the importance of sharing attack
> data. But it also concludes that many of the benefits that can
> accrue from such an arrangement won't be realized soon.
>
> "I absolutely believe that there's value in information sharing, and
> I think that value will grow," said Stuart Schechter, a doctoral
> candidate in computer science at Harvard, in Cambridge, Mass., and
> co-author of the paper. "I think the change [toward information
> sharing] will be driven by insurance companies, who will offer lower
> premiums for companies that share."

[...]

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Jan 16 2003 - 01:12:20 PST