Re: Running program files on XP with non-executable extension?

From: Zvi Netiv (support_at_replace_with_domain.com)
Date: 11/04/05

  • Next message: Black Hat Announcements
    Date: Fri, 04 Nov 2005 17:58:57 +0200
    
    

    Leythos <void@nowhere.lan> wrote:
    > support@replace_with_domain.com says...

    [...]
    > > > Which does not change the fact that I've not had the experience of false
    > > > positives
    > >
    > > The reason could be little experience, or assuming that all the alerts that you
    > > saw were true positives, without confirming that they are indeed. Your
    > > assertions do not sound credible.
    >
    > I agree, if I was some slouch, I would think it not credible too, but as
    > I've been doing this type of work since the mid 70's, I would think that
    > I know a little about security by now :) I've designed everything from
    > small 5 node SOHO's to 400 node medical centers,

    So you say. How do I know that you aren't just boasting? Your stories sound
    too fantastic to me. Do you claim that all the users of the 1500 networks that
    you designed or managed are security super-aces like you and never blew it?

    > of all the ones we
    > manage, not one has been compromised, and I've only see a virus on two
    > that we didn't manage, but that was due to letting a unclean laptop into
    > the network, none of the other nodes were compromised.
    >
    > As for alerts of any type, they are always checked against two or three
    > AV products, so I feel comfortable that my statements are true on our
    > networks.

    What are the alerts upon, since you claim that the systems you manage were never
    compromised?

    Regards, Zvi

    --
    NetZ Computing Ltd. ISRAEL www.invircible.com www.ivi.co.il (Hebrew)
    InVircible Virus Defense Solutions, ResQ and Data Recovery Utilities
    

  • Next message: Black Hat Announcements

    Relevant Pages

    • Re: Running program files on XP with non-executable extension?
      ... > The reason could be little experience, or assuming that all the alerts that you ... > saw were true positives, without confirming that they are indeed. ... the network, none of the other nodes were compromised. ... As for alerts of any type, they are always checked against two or three ...
      (comp.security.misc)
    • Re: Running program files on XP with non-executable extension?
      ... > The reason could be little experience, or assuming that all the alerts that you ... > saw were true positives, without confirming that they are indeed. ... the network, none of the other nodes were compromised. ... As for alerts of any type, they are always checked against two or three ...
      (alt.computer.security)
    • Re: Running program files on XP with non-executable extension?
      ... >> The reason could be little experience, or assuming that all the alerts that you ... >> saw were true positives, without confirming that they are indeed. ... Do you claim that all the users of the 1500 networks that ... InVircible Virus Defense Solutions, ...
      (alt.computer.security)
    • Re: Security Central Consoles
      ... thus can not possibly cover all requirements for all networks. ... > I'm working on a report about existing Central Consoles that can gather and ... > centralize security information and alerts in a company network (IDS alerts, ... Secure Network Operations | ...
      (Security-Basics)
    • Logos, Crawls, Alerts,Pop-ups etc..
      ... Do the Networks really think that all of those logos, ... crawls, alerts and pop-ups are either helpful or necessary?? ...
      (rec.arts.tv)