AV/FW Adoption Sudies

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu Jun 10 17:59:00 UTC 2004


On Thu, 10 Jun 2004 08:50:18 PDT, Eric Rescorla said:
> Valdis.Kletnieks at vt.edu writes:

> > Remember that the black hats almost certainly had 0-days for the
> > holes, and before the patch comes out, the 0-day is 100% effective.
> 
> What makes you think that black hats already know about your
> average hole?

Because unlike a role playing game, in the real world the lawful-good white
hats don't have any deity-granted magic ability to spot holes that remain
hidden from the chaotic-neutral/evil dark hats.

Explain to me why, given that MS03-039, MS03-041, MS03-043, MS03-044, and
MS03-045 all affected systems going all the way back to NT/4, and that exploits
surfaced quite quickly for all of them, there is *any* reason to think that
only white hats who have been sprinkled with magic pixie dust were able to find
any of those holes in all the intervening years?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040610/f612de83/attachment.sig>


More information about the NANOG mailing list