Re: undocumented vulrenabilities

From: Secure Lockdown (secure_lockdown_at_remove.yahoo.com)
Date: 07/06/04


Date: Tue, 06 Jul 2004 11:03:21 GMT

Colonel Flagg <colonel_flagg@NOSOUPFORJ00internetwarzone.org> wrote in
news:MPG.1b4e71c9d1309d40989def@news.charter.net:

> some of us knew what he meant...
>
> I *assume* he meant vulnerabilities that aren't documented with the
> manufacturer or security lists, and lord knows, there's plenty of 'em
> out there.

yo flagg, thanks, you always understand.

i read this stupid article in vanity fair (yeah, i know pretty lame! my
boss gave it to me - what is a geek supposed to do?) it covered the f-
secure guys in helsinki battling viruses.

anyway, the f-secure guy, ari hopponen or whatever was talking about the AV
vendors having connections to the community that keeps track of the
"undocumented" exploits/viruses - i.e. the AV vendors know when a virus is
going to hit before it hits and they can release a removel tool and update
their signature files before any damage gets done.

-- 
Secure Lockdown
CISSP, MCSE, Security+, Linux+