lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: jkmanowar9 at fastmail.fm (jkm)
Subject: AT&T early warning system

On 18 Oct 2003 12:27:23 -0400, "Hoho" <hoho@...omeat.net> said:
> On Fri, 2003-10-17 at 22:44, jkm wrote:
> > Quote 2:
> > "AT&T saw anomalies in its network three to four weeks before that worm
> > hit and was able to take certain precautions. "When the worm actually
> > happened, AT&T's network did not take a hit,'' Eslambolchi said."
> 
> 
> Doesn't it seem like they're trying to violate causality? If the worm
> doesn't exist yet, then its associated traffic doesn't exist yet, hence
> there's nothing to detect. Wonder what those 'anomalies' were. Seems no
> more effective than just watching MS security patches and reading FD.
> -- 

Yeah, I agree unless as other threads are saying, the worm author
releases a test worm. I wonder if it would in fact catch script kiddies
and other criminal traffic, thus actually acting as an intrusion
detection system?
-- 
  jkm
  jkmanowar9@...tmail.fm

-- 
http://www.fastmail.fm - Consolidate POP email and Hotmail in one place


Powered by blists - more mailing lists