[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87n00py7iq.fsf@deneb.enyo.de>
From: fw at deneb.enyo.de (Florian Weimer)
Subject: The 'good worm' from HP
> Stuff like counter-attacking has been discussed often,
This isn't necessary counter-attacking. Most operators of large,
decentralized networks who have some say on what's running on the
machines (e.g. operators of educational or corporate networks) follow
some process that detects compromised machines based on anomalous
network activity, takes care of malware removal, and tries to ensure
that the machine has up-to-date patches. These processes could surely
benefit from some automation.
There are quite a few products in this area, but all which I've heard
of so far completely lack integration with existing trouble ticketing
frameworks, which make them rather pointless because you don't want to
throw away your existing processes.
Powered by blists - more mailing lists