Re: Firewall configuration statistics

From: Brian Eckman (eckman_at_umn.edu)
Date: 06/23/03

  • Next message: Jonathan Grotegut: "RE: 40-bit VS 128-bit Encryption" 
    Date: Mon, 23 Jun 2003 11:37:38 -0500
To: security-basics@securityfocus.com

    security@rexwire.com wrote:

    (snip)

    > 25% of exploits had patch readily available
    >
    >
    > -SKP
    >

    Do you mean that you read that 25% of compromises were due to exploiting
    flaws that had a patch readily available?

    If so, there is no way that number is correct. Everything that I have
    read and experienced lead me to believe that a *vast* majority of
    compromises are due to flaws that have already been patched. I can't
    tell you the exact number, and I don't know who with any "authority"
    can. But I would bet dollars to doughnuts that it is definitely nowhere
    close to 25%, and more like 95-99% depending on your definition of
    "compromise".

    If that isn't what you meant, perhaps you can elaborate on that statement?

    Brian 

    -- 
Brian Eckman
Security Analyst
OIT Security and Assurance
University of Minnesota
612-626-7737
"There are 10 types of people in this world. Those who
understand binary and those who don't."
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
  • Next message: Jonathan Grotegut: "RE: 40-bit VS 128-bit Encryption"