|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Increasing ICMP Echo Requests
From: Rob Shein (shoten
starpower.net)
Date: Tue Aug 26 2003 - 14:30:28 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I agree with you more than words can convey...but guess what? They weren't
my procedures, and it wasn't up to any of us. We had to deal with it. This
is the crux of my entire point...not that systems are insecure despite
everyone in the world doing what they can do, but rather that the people on
this list are not the ones to be upset with. When
procedure/policy/implementation break down and someone has dropped the ball,
it's probably not a security geek, regardless how easy a target as one of
them may be. And that's life...trying to pretend that life can be otherwise
is futile. One month should be enough, perhaps...but what matters is that
it clearly isn't; that's why worms are getting worse rather than better.
The sooner we stop pretending that we can reverse the direction things are
going and come up with a different way to address these issues, the better.
> -----Original Message-----
> From: fergus [mailto:ferguscobbled.net]
> Sent: Tuesday, August 26, 2003 2:56 PM
> To: incidentssecurityfocus.com
> Cc: Rob Shein
> Subject: Re: Increasing ICMP Echo Requests
>
>
> On 23.08-20:58, Rob Shein wrote:
> > Ok, I have to take exception to some of this...
>
> if your assertions are true then i would suggest
> that the incident/threat response procedures,
> software selection/evaluation procedures and
> perhaps the change control procedures are in dire
> need of review.
>
> there will be many instances where you will
> not have a month. 1 month _should_ be enough.
>
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event. Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]