[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting
From: "The Central Scroutinizer" <scroutinizer@xxxxxxxx>
Date: Tue, 3 Aug 2004 19:19:57 +0100

How fast is fast? The time it takes an av, spyware or firewall company to react to a real-time threat. I think there is going to have to be a pooling of anti-virus, mail sweeping and firewall protection knowledge. There should be a central policy that can be reported and distributed to the various vendors and clients that autoupdates the protecting software. Simply a crisis-mail-alert with appropriate information for translation into a protecting shield that updates all av, mail and firewall utilities.
Has anyone written or read a spec. on standardizing worm, virus
or other alerts with not just there's a'sploit, but a method of
reporting the 'sploit or adware, malware in a way that the
vendors and clients could instantly counter with a new filter or
fix?

See :-

http://www.eeye.com/html/Research/Advisories/
http://www.cve.mitre.org/

I agree there should be an open standard and common public libraries of exploits and fixes.

Aaron


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting
  - From: Clairmont, Jan M

Prev by Date: Re: [Full-Disclosure] Netscreen 5GT Plus vs Fortigate-60
Next by Date: Re: FW: [Full-Disclosure] Question for DNS pros
Previous by thread: RE: [Full-Disclosure] Getting the lead out of broken virus / worm email meta-reporting
Next by thread: FW: [Full-Disclosure] Why should one buy (or not) an Appliance-based security gateway?
Index(es):
- Date
- Thread