[nsp-sec] DNS vulnerability CVE-2008-1447/VU#800113
Barry Raveendran Greene
bgreene at senki.org
Tue Jul 8 22:45:06 EDT 2008
> Thanks. It just feels like the "coordinated vendor
> announcements" for the SNMP ASN.1 problems, the BGP
> reset-injection problems, etc. Those got lots of attention,
> and lots of people running around, but the bad guys pretty
> much ignored them.
People hate my analogy, but that is the goal - activate the "cockroach
effect." If you shine a light on the floor of a room full of cockroaches,
they all tend to run away. The dumb ones don't and get stepped on.
Same goal here - shine the light on the problem. Everyone is watching. All
monitors are looked at. As soon as we get a dumb "cockroach" who scurries
out, we step on him/her.
The problem is, over time, when the light shines elsewhere. :-0
More information about the nsp-security
mailing list