| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: jays at panix.com (Jay Sulzberger) Subject: AT&T early warning system On Fri, 17 Oct 2003, jkm wrote: > The related link: http://www.nwfusion.com/news/2003/0929att.html > > Quote 1: > "With Internet Protect, AT&T will use internally developed traffic > analysis tools to look for anomalies such as traffic spikes, traffic > drop-offs and unusual protocols in use." > > Quote 2: > "AT&T saw anomalies in its network three to four weeks before that worm > hit and was able to take certain precautions. "When the worm actually > happened, AT&T's network did not take a hit,'' Eslambolchi said." > > Does anybody know or has worked with this Internet Protect, AT&T is now > pushing as the next big thing. And I question whether quote 2 happened > exactly as Eslambolchi said. > For the network gurus, will traffic analysis prevent all or most attacks > be it worms or otherwise? My current view is that it is not a catchall > and the traffic anaylsis might also be used by AT&T for other stuff like > what Verisign did recently to sell more products or such. What do u > think? > > -- > jkm > jkmanowar9@...tmail.fm I am glad that a telephone company is working to bring the InterWeb under the same sort of statistical oversight as the telphone net was under circa 1950. Even the crudest of old fashioned traffic analysis, and the most elementary precautions against massive channeled scabland packet flows would have stopped most of the recent worm annoyances. oo--JS.
Powered by blists - more mailing lists