[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ILEPILDHBOLAHHEIMALBCEICENAA.jasonc@science.org>
From: jasonc at science.org (Jason Coombs)
Subject: [sean@...elan.com: Symantec detected Slammer worm "hours" before]
Whether or not DeepSight fielded a few nibbles from Sapphire before its
first successful penetration occurred, one has to ask the question "who
cares?"
If DeepSight couldn't tell administrators that their boxes exposed a
critical remote exploitable well-known buffer overflow vulnerability then
what good is it?
How can hundreds of thousands of smart people all focused on system
administration, programming, and infosec keep missing the simplest of
security flaws?
http://enterprisesecurity.symantec.com/content.cfm?articleid=1985&EID=0
"For example, the DeepSight Threat Management System discovered the
Slammer worm hours before it began rapidly propagating. Symantec's
DeepSight Threat Management System then delivered timely alerts and
procedures, enabling administrators to protect against the attack
before their environment was compromised."
Powered by blists - more mailing lists