Re: [Full-disclosure] Publishing exploit code - what is it good for
From: Michael Holstein (michael.holstein_at_csuohio.edu)
Date: 06/30/05
- Previous message: Matt.Carpenter_at_alticor.com: "[Full-disclosure] Re: Publishing exploit code - what is it good for"
- In reply to: Aviram Jenik: "[Full-disclosure] Publishing exploit code - what is it good for"
- Next in thread: Jason Coombs: "Re: [Full-disclosure] Publishing exploit code - what is it good for"
- Reply: Jason Coombs: "Re: [Full-disclosure] Publishing exploit code - what is it good for"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 30 Jun 2005 14:05:33 -0400
> What I need is a security administrator, CSO, IT manager or sys admin that can
> explain why they find public exploits are good for THEIR organizations. Maybe
> we can start changing public opinion with regards to full disclosure, and
> hopefully start with this opinion leader.
Easy .. so we can develop ways to test for the problem.
Public exploit code leads (usually almost instantly) to
development/improvement of Nessus, Snort, etc. rules.
Cheers,
Michael Holstein CISSP GCIA
Cleveland State University
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Previous message: Matt.Carpenter_at_alticor.com: "[Full-disclosure] Re: Publishing exploit code - what is it good for"
- In reply to: Aviram Jenik: "[Full-disclosure] Publishing exploit code - what is it good for"
- Next in thread: Jason Coombs: "Re: [Full-disclosure] Publishing exploit code - what is it good for"
- Reply: Jason Coombs: "Re: [Full-disclosure] Publishing exploit code - what is it good for"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
