From: InfoSec News (isnc4i.org)
Date: Wed Feb 04 2004 - 03:52:06 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Chad W. Didier <cdidiercdsupportservices.com>

Why not quarantine individual computers or networks at the ISP level
then redirect them to a proxy that does nothing but tell the
users/admins their network is compromised and quarantined and will
remain so until the problem is solved? The ISP could even offer an
online virus scan as a possible means to clear up their machine and
allow them access to the internet.

All internet data funnels through an ISP at some point. If virus
threats are as serious as the industry moans and groans about then how
come we haven't seen serious attempts to quarantine infected
individuals or entire networks thereby preventing continued spread of
the virus and driving home the seriousness of that individual or
organization's failure to protect their own systems.

A doctor will quarantine a person or group if he believes them to be
infectious with a serious illness. Why then are we not quarantining
our digital selves? Obviously, the expectation that an individual or
organization is going to do what is right and follow best practices
isn't working.

-=-

Forwarded from: Kurt <kurtbuffspro.net>

Ya know, someone could do the world a large favor if they actually
wrote what a lot of people have speculated about - a MyDoom variant
that spreads, but after some period of time formats the local hard
drive.

I'm no fan of viruses, nor especially of virus writers, but if someone
did this, it would actually help reduce a lot of problems, including
spam.

-=-

Forwarded from: "Henderson, Dennis K." <Dennis.Hendersonumb.com>

How about simply not allowing SMTP direct to the Internet? Geez,
that's a no-cost solution for companies with firewalls..

Dennis

-----Original Message-----
From: William Knowles [mailto:wkc4i.org]
Sent: Tuesday, February 03, 2004 5:50 AM
To: isnattrition.org
Subject: [ISN] MyDoom sparks talks of security's future

http://news.com.com/2100-7349_3-5152165.html

By Robert Lemos
Staff Writer, CNET News.com
February 2, 2004

The virus, which has combined many old attack techniques into a
successful package, was hardly blunted by antivirus programs during
the first few hours of its exponential spread.

That's a problem, said Shlomo Touboul, CEO of security software maker
Finjan Software.

"The MyDoom attack should never have propagated so far into the
Internet," he said. "It is obvious that we need another layer (of
software) to protect during the first hours of attack."

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]