Re: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting
From: The Central Scroutinizer (scroutinizer_at_beeb.net)
Date: 08/03/04
- Previous message: David Hane: "[Full-Disclosure] scanning IP Address List"
- In reply to: Clairmont, Jan M: "RE: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <full-disclosure@lists.netsys.com> Date: Tue, 3 Aug 2004 19:19:57 +0100
> How fast is fast? The time it takes an av, spyware or firewall
> company to react to a real-time threat. I think there is going
> to have to be a pooling of anti-virus, mail sweeping and firewall
> protection knowledge. There should be a central policy that
> can be reported and distributed to the various vendors and
> clients that autoupdates the protecting software. Simply a
> crisis-mail-alert with appropriate information for translation into a
> protecting shield that updates all av, mail and firewall
> utilities.
>
> Has anyone written or read a spec. on standardizing worm, virus
> or other alerts with not just there's a'sploit, but a method of
> reporting the 'sploit or adware, malware in a way that the
> vendors and clients could instantly counter with a new filter or
> fix?
See :-
http://www.eeye.com/html/Research/Advisories/
http://www.cve.mitre.org/
I agree there should be an open standard and common public libraries of
exploits and fixes.
Aaron
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: David Hane: "[Full-Disclosure] scanning IP Address List"
- In reply to: Clairmont, Jan M: "RE: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
