Re: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting

From: The Central Scroutinizer (scroutinizer_at_beeb.net)
Date: 08/03/04

  • Next message: Ron DuFresne: "Re: FW: [Full-Disclosure] Question for DNS pros"
    To: <full-disclosure@lists.netsys.com>
    Date: Tue, 3 Aug 2004 19:19:57 +0100
    
    

    > How fast is fast? The time it takes an av, spyware or firewall
    > company to react to a real-time threat. I think there is going
    > to have to be a pooling of anti-virus, mail sweeping and firewall
    > protection knowledge. There should be a central policy that
    > can be reported and distributed to the various vendors and
    > clients that autoupdates the protecting software. Simply a
    > crisis-mail-alert with appropriate information for translation into a
    > protecting shield that updates all av, mail and firewall
    > utilities.
    >
    > Has anyone written or read a spec. on standardizing worm, virus
    > or other alerts with not just there's a'sploit, but a method of
    > reporting the 'sploit or adware, malware in a way that the
    > vendors and clients could instantly counter with a new filter or
    > fix?

    See :-

    http://www.eeye.com/html/Research/Advisories/
    http://www.cve.mitre.org/

    I agree there should be an open standard and common public libraries of
    exploits and fixes.

    Aaron

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Ron DuFresne: "Re: FW: [Full-Disclosure] Question for DNS pros"