On Sun, Nov 15, 2009 at 12:52 PM, <[email protected]> wrote:
> --- On Sun, 11/15/09, Dan Kaminsky <[email protected]> wrote:
>
>> Stuff on Windows is attacked because it's popular.
>> That's really all.
>
> I don't believe any system is "secure" if you can't continue to prove it from
> moment to moment and I care a lot less about intrinsic weaknesses if you can
> see when they are exploited.
>
> Therefore, if I was going to push for any sort of technical mandate to
> address the issue at hand, it would be comprehensive log management. With
> tools like Splunk and OSSIM (which has gotten really good in recent years)
> available it has become within reasonable reach of anyone moderately serious
> about security to monitor WTF is going on in their networks. More
> importantly, it is now clear that over the next 5-10 years this will become
> the nexus of security operations it has indicated it will over the last 5-10.
>
> Of course I am incredibly biased, which is why no-one responsible for
> securing the entire US gov't infrastructure should just listen to me or any
> one of us alone, but should rather hold the kind of mind-numbingly iterative
> conversations that the document that started this thread represents to make
> such decisions.
>
> -chris

Non-rhetorical question: What do we think the infection discovery rate is, and do we think it has increased or decreased in recent years?

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
