Great Circle Associates Firewalls
(July 1996)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: CERT Advisories (was: Re: Dirty dogs)
From: "David J. Meltzer" <davem @ iss . net>
Date: Tue, 16 Jul 1996 10:30:48 -0400 (EDT)
To: firewalls @ GreatCircle . COM
In-reply-to: <9607161325 . AA7376 @ grcstm-nx02 . genre . com>

> One way to actually know what is going on is to get on the 'cracker' web 
> sights, bbs's, IRC's
> and fix the problems before they are released in CERT.
> 

This is actually quite a waste of time.  There are several mailing lists that
are commonly used by security professionals to initially report problems
(Bugtraq, Best of Security, Linux Security, Freebsd Security, etc.), and it
is vital that any security administrator stays current with anything relevant
being posted to these.  Unpublished information is not available on some
top secret web pages, only accessible by typing in "hacker" in altavista.
Unpublished information is not available by attempting to infiltrate some
secret hacker BBS.  Unpublished information is not available by asking for
it on IRC. 
CERT is certainly not a single resource to be relied upon as it is often
several months behind the mailing lists and only selectively issues 
advisories on problems.  Still, that is not grounds for sending security
conscious admins off on a wild goose chase.  If you have been so successful
in infiltrating the things you speak of and have found information that
has not been available through reading relevant mailing lists, I suppose you
have numerous unpublished exploits you are protecting your systems with?

Perhaps you could share a few with us?


--------------------------------+---------------------
       David J. Meltzer         | Email: davem @
 iss .
 net 
       Systems Engineer         |   Web:   www.iss.net 
Internet Security Systems, Inc. |   Fax: (404)252-2427










Follow-Ups:
References:
Indexed By Date Previous: Need some help.
From: tjlow @ pl . jaring . my (Low Taek Jho)
Next: Re: Need some help.
From: markj @ cdcc . com (Mark Januszka)
Indexed By Thread Previous: CERT Advisories (was: Re: Dirty dogs)
From: ygerman <ygerman @ genre . com>
Next: Re: CERT Advisories (was: Re: Dirty dogs)
From: "Matthew Cable/USA.NET Inc." <mec @ usa . net>

Google
 
Search Internet Search www.greatcircle.com