On Sun, Dec 12, 2010 at 12:02 PM, Jeffrey Walton <[email protected]> wrote:
> On Fri, Dec 10, 2010 at 11:52 PM, Charles Polisher <[email protected]> wrote:
>> Adam Behnke wrote:
>>> Hi everyone, InfoSec Institute author Russ McRee has written up an overview
>>> on tools to ensure maximum readiness for incident response teams, including
>>> drill tactics. PCI-DSS audits often require IR testing validation; drill
>>> quarterly and be ready next audit cycle.
>>>
>>> http://resources.infosecinstitute.com/incident-response-and-audit-requirements/
>>>
>>> Please let me know your thoughts.
>>
>> "Remember that you're playing with binaries that will likely cause
>> antivirus to fire."
>>
>> I take issue with this statement. Tonight I tested $VENDOR's
>> up-to-date anti-virus against 10 day-old malware samples captured
>> from the wild - the detection rate was abysmal (225/539).
>> Maybe your AV is better than mine.
> Immunet (http://www.immunet.com/) would probably be very useful in this
> situation. Think of it as 'distributed antivirus definitions'. If one
> $VENDOR catches it, your machine will most likely catch it since it's
> part of the cloud (forgive the cliché).
>
> The company was started by a fellow named Al Huger. I believe he also
> started Bugtraq. When Bugtraq was commercialized by Symantec, Huger
> moved on to Immunet.

From Kurt Seifried off list:

That is incorrect. Alephone started bugtraq independently. He then was
"acquired" (for lack of a better term, he wasn't a business) by
securityfocus.com, of which Alfred Huger was a founder. I remember this
well because at the time we (securityportal.com) were also making noises
about acquiring bugtraq (which at the time was the hot sh*t in security
lists).
