AV/FW Adoption Studies

Michael.Dillon at radianz.com
Fri Jun 11 10:27:02 UTC 2004


> More likely, the software actually leaks like a sieve, and NEITHER group
> has even scratched the surface..

How many leaks did the OpenBSD team find when they proactively audited
their entire codebase for the first time a few years ago? This would
be an indication of just how leaky an O/S might be expected to be.

> Remember - every single 0-day that surfaces was something the black hats
> found first.

And 0-day exploits are only the ones that the blackhats are willing
to talk about. If they keep quiet about an exploit and only use
it for industrial espionage and other electronic crimes then
we are unlikely to hear about it until a whitehat stumbles across
the blackhat's activities. Rather like the cuckoo's egg or the
recent complex exploit involving IE and the MS Help tool.

Have any of your customers ever asked you for a traffic audit report
showing every IP address that has ever sourced traffic to them
or received traffic from them?

--Michael Dillon




