[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] AT&T early warning system

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] AT&T early warning system
From: Hoho <hoho@tacomeat.net>
Date: 18 Oct 2003 12:27:23 -0400

On Fri, 2003-10-17 at 22:44, jkm wrote:
> Quote 2:
> "AT&T saw anomalies in its network three to four weeks before that worm
> hit and was able to take certain precautions. "When the worm actually
> happened, AT&T's network did not take a hit,'' Eslambolchi said."


Doesn't it seem like they're trying to violate causality? If the worm
doesn't exist yet, then its associated traffic doesn't exist yet, hence
there's nothing to detect. Wonder what those 'anomalies' were. Seems no
more effective than just watching MS security patches and reading FD.
-- 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] AT&T early warning system
  - From: S G Masood <sgmasood@yahoo.com>
- RE: [Full-Disclosure] AT&T early warning system
  - From: Steve Wray <steve.wray@paradise.net.nz>
- Re: [Full-Disclosure] AT&T early warning system
  - From: "jkm" <jkmanowar9@fastmail.fm>
- Re: [Full-Disclosure] AT&T early warning system
  - From: Jimmy Alderson <jimmy@digitalguardian.net>

References:
- [Full-Disclosure] AT&T early warning system
  - From: "jkm" <jkmanowar9@fastmail.fm>

Prev by Date: RE: [Full-Disclosure] Application level firewall
Next by Date: Re: [Full-Disclosure] Re: Gaim festival plugin exploit
Previous by thread: Re: [Full-Disclosure] AT&T early warning system
Next by thread: Re: [Full-Disclosure] AT&T early warning system
Index(es):
- Date
- Thread