|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: [Dailydave] CISSP quote of the week
From: Des (security
senticom.co.uk)
Date: Mon Apr 10 2006 - 17:34:40 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Well without wanting to be flamed, speaking to Roger Grimes end of last year, he was quite emphatic about two things from his experience with honeypots, that the greatest amounts of attacks came from automated scanners looking for existing vulnerabilities and that this fact meant that just changing the default ports was enough to protect against these attacks.
This may explain the CISSP statement, which given in the context of botnets being driven by organised crime might actually be true.
True 0days are never going to be detected by existing signature-based techologies used by the enterprise, but this doesn't mean that the noisy skiddie activity isn't the most prevelant. If it works, why reinvent the wheel?
Just as we judge others, let us be judged on our own objectivity.... just `cos it has CISSP tagged onto it doesn't mean it isn't true. :)
BTW I ain't no CISSP ;)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]