lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.BSF.4.21.0302011148120.40380-100000@vapour.net>
From: batsy at vapour.net (batz)
Subject: interesting?

On Sat, 1 Feb 2003, Roland Postle wrote:

:It might seem frightening that sapphire reached 90% infection in 10
:minutes, but this is a feature of it's aggressive conectionless
:scanning with single packets, and the small address space the internet
:has, not it's particular scanning strategy. For a good discussion of
:(much) more effective strategies read,
:
:"How to 0wn the Internet in Your Spare Time"
:http://www.icir.org/vern/papers/cdc-usenix-sec02/index.html

The really interesting part of this paper is their use of the 
"logistic equation" to describe the spread of the various
worms. 

They use: da/dt = Ka(1-a)

I guess my question fundamentally would be; could this
logistic equation be effectively used to describe the 
propagation of patch information from CERT, the ISA, etc, 
vs the propagation of patch information from Bugtraq/Fd etc..? 

So, can: da/dt = Ka(1-a) be used to describe the propagation 
of patch information, and what would the implications of it be? 

Where K is the rate of information spread (based on number of 
subscriptions to public lists vs. consortiums) 'a' being the
proportion of subscribers informed, 't' is hours, and 'd' 
seems to be iteration?

I am speaking way out of my depth, but my question is based upon 
the intuition and experience that informs my opinions on how
vulnerability information should be distributed. 

Is there another more appropriate formula that describes 
this problem? 

Cheers, 


-- 
batz


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ