Re: Cisco CTR

From: Gary Flynn (flynngn_at_jmu.edu)
Date: 11/06/03

  • Next message: Rob Shein: "RE: Cisco CTR" 
    Date: Thu, 06 Nov 2003 17:58:14 -0500
To: Rob Shein <shoten@starpower.net>

    Rob Shein wrote:

    > I think this largely relates to the earlier discussion about how there is a
    > difference between a "false positive" and an actual attack that fails to
    > succeed. Ask yourself this: are you going to want to know about all attacks
    > or just those that have a chance of success? If someone throws IIS attacks
    > at your apache web server, do you want to know about it...or do you want to
    > wait until they start using apache-compatible exploits?
    >
    > There's a good summary of what CTR does here:
    > http://www.cisco.com/en/US/products/sw/secursw/ps5054/

    Another thing to think about - some folks have a habit of patching
    the hole they came in through. Just because a vulnerability scan
    shows no vulnerability it does not mean an attack was unsuccessful. 

    -- 
Gary Flynn
Security Engineer - Technical Services
James Madison University
Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe
---------------------------------------------------------------------------
Network with over 10,000 of the brightest minds in information security
at the largest, most highly-anticipated industry event of the year.
Don't miss RSA Conference 2004! Choose from over 200 class sessions and
see demos from more than 250 industry vendors. If your job touches
security, you need to be here. Learn more or register at
http://www.securityfocus.com/sponsor/RSA_focus-ids_031023 
and use priority code SF4.
---------------------------------------------------------------------------
  • Next message: Rob Shein: "RE: Cisco CTR"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #267
      ... Analyzer automatically correlates attacks from various Firewall and network ... MICROSOFT VULNERABILITY SUMMARY ... Opera Web Browser Arbitrary Command Execution Vulnerability ... Cisco Security Agent Unspecified Local Privilege Escalation Vulnerability ...
      (Focus-Microsoft)
    • Re: Pelosi & Reid Will Not Like Progress Cited in Iraq Quarterly Report
      ... This is from 4 pages, less than 10 percent, of the report. ... Reid has called General Petraeus a liar for saying progress had been made in Iraq, and more recently he has called Petraeus and outgoing chairman of the Joint Chiefs,Marine Gen. ... Assessment of the Security Environment— ... the frequency and intensity of attacks on the ...
      (soc.retirement)
    • Re: Pelosi & Reid Will Not Like Progress Cited in Iraq Quarterly Report
      ... This is from 4 pages, less than 10 percent, of the report. ... Reid has called General Petraeus a liar for saying progress had been made in Iraq, and more recently he has called Petraeus and outgoing chairman of the Joint Chiefs,Marine Gen. ... Assessment of the Security Environment— ... the frequency and intensity of attacks on the ...
      (soc.retirement)
    • SecurityFocus Microsoft Newsletter #408
      ... IronKey flash dives lock down your most sensitive data using today's most advanced security technology. ... MICROSOFT VULNERABILITY SUMMARY ... DriveCrypt Incorrect BIOS API Usage Security Vulnerability ... A local attacker can exploit this issue to obtain passwords used by the application that may aid in further attacks. ...
      (Focus-Microsoft)
    • Re: Cracking WEP and WPA keys
      ... SecurityFocus wi-fi security mailing list. ... >>802.11G PCMCIA card, and the Linux server was running Samba to talk to ... >>Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ...
      (Pen-Test)
    • Quantcast