That is why there should be a National Standards Organization for SPAM, Virii, Trojans, etc. etc. This is a critical need there should be an RFC created with a reporting database. All vendors would have be required to report it or they would not meet the International Standards. They would report the fix and a methodology for naming time/place of first origin report etc. per exemplar: A-virus1.1.2004.14:35:01EST.1 alias Mydoom.12 variant. Time stamp found and unique name type if they turn out to be the same variant, then the database purges any newer finds without too many duplications.
This is not that difficult it just needs to have a reporting authority. Without a centralized authority on reporting there is no way to effectively combat the threats to the internet. I am seeing great ideas, keep it coming. Jan Clairmont Firewall Administrator/Consultant -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: Tuesday, August 10, 2004 10:47 AM To: Todd Burroughs Cc: Frank Knobbe; [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] (no subject) On Tue, 10 Aug 2004 02:02:23 EDT, Todd Burroughs said: > No shit. They should at least get together and come up with some common > naming convention. They need to make some common "naming authority", it's > not difficult, we do it all the time with other software and as mentioned, > in all scientific disciplines. Software gets named over days/weeks. They crank out a new name for an element every few years. These things need names in *MINUTES* - often while the various A/V companies are looking at different copies of a polymorphic, multi-attack piece of malware. 5 blind men and an elephant time... and you want them to agree on a name before they even agree they're looking at the same thing??? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
