[iwar] Historical posting
From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com
Mon, Jan 1, 1999
fc Mon Jan 1, 1999
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
To: iwar@onelist.com
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Mon, Jan 1, 1999
From: Fred Cohen
Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting
First things first, nice to see my comments raised some concern to what we
are all dealing with during current technology. The rest is left to read
between the lines, and what are those lines that currently deal with
defensive and offensive measures.
1. Agreeable commercial products are more abundant out there but as we know,
some are in it for the obvious reason. Each and every system out here has
various holes, some of which are exploited daily and others which remain
hidden till someone takes the time to exploit them.
2. Why are Commercial vendors working so hard to put defensive
products(NetRanger) out there as well as offensive(CyberCop).
a. Commercial vendors supplying defensive products work based on known
signature attacks. It is unusual and rare to find a product breaking down
the traffic except for sniffing for known signatures.
b. Commercial vendors of offensive software market the product for what
the consumer wants in the latest toys.
note: Fred check last month at Purdue, they held the annual RAID conference
which grew out of a select group of individuals.
3. Universities (Purdue) cannot market products, they rely on sponsership
from various entities to put forth products. So has Spaff put out any
products under his sponsership, yes he has. What is next for the defensive
movement, having attended the RAID (Recent Advance Intrusion Detection)
there are lots of students from various schools working on various projects
for their thesis that deals with intrusion detection. The bad part behind it
is they do the research and then somebody from a commercial company picks up
on the idea and builds on it.
4. *.mil and *.gov have and will continue to be a tgt by various
individuals, is cybercrime going to hurt them, at this point no except by
hackers/crackers/phreaks looking to prove a point. Expound those attacks by
the aforementioned individuals to governments with a sizeable budget and all
sites with a government nature will become the selected tgt of a foreign
government.
Having typed the previous 4 paragraphs, what does it lead me to believe, we
are once again leaning more to defence then to offence. Why ?, what
commercial company has the time or the energy to fix all holes in commercial
products, every operating system out there starts off full of holes, it is
by programmers and other select individuals that release the the holes to
the public that give us cyber-warfare. If we were leading to offensive then
the holes would never be made public.
As far as Commercial versus Students for programs-products. Lets not forget
where our free operating system(Linux) started from
" An ounce of prevention is worth a pound of cure"
Glenn R Williamson
Glenn_Williamson@o...
-----Original Message-----
From: Fred Cohen fc@a...
To: iwar@onelist.com iwar@onelist.com
Date: Monday, October 18, 1999 10:46 PM
Subject: Re: [iwar] Here's a worthwhile one...
>From: Fred Cohen fc@a...
>
>In reference to the following view expressed by Chris Calvert:
>...
>> I have no information relating to IDS' at universities, however the
majority
>> of useful UNIX security tools are developed at university research
centers
>> such as COAST at Purdue. Tripwire, swatch, tiger, etc...
>
>FLAME ON
>
>Tripwire, swatch, and tiger were all free versions of capabilities that
>pre-existed in commercial products - with a subset of the commercial
>product features - and without proper citation to the previously
>published journal articles that led to their development.
>
>Keep trying, though... eventually you may come to an academic
>breakthrough...
>
>FLAME OFF
>
>FC
>
>>------------------
>http://all.net/