[iwar] [fc:CERT:.Security.reports.multiplying]

From: Fred Cohen (fc@all.net)
Date: 2002-07-17 19:21:49


Return-Path: <sentto-279987-5001-1026958823-fc=all.net@returns.groups.yahoo.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 17 Jul 2002 19:23:08 -0700 (PDT)
Received: (qmail 16857 invoked by uid 510); 18 Jul 2002 02:19:43 -0000
Received: from n28.grp.scd.yahoo.com (66.218.66.84) by all.net with SMTP; 18 Jul 2002 02:19:43 -0000
X-eGroups-Return: sentto-279987-5001-1026958823-fc=all.net@returns.groups.yahoo.com
Received: from [66.218.67.197] by n28.grp.scd.yahoo.com with NNFMP; 18 Jul 2002 02:20:23 -0000
X-Sender: fc@red.all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-8_0_7_4); 18 Jul 2002 02:20:22 -0000
Received: (qmail 84387 invoked from network); 18 Jul 2002 02:20:22 -0000
Received: from unknown (66.218.66.216) by m4.grp.scd.yahoo.com with QMQP; 18 Jul 2002 02:20:22 -0000
Received: from unknown (HELO red.all.net) (12.232.72.152) by mta1.grp.scd.yahoo.com with SMTP; 18 Jul 2002 02:20:22 -0000
Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g6I2Lnt14593 for iwar@onelist.com; Wed, 17 Jul 2002 19:21:49 -0700
Message-Id: <200207180221.g6I2Lnt14593@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL3]
From: Fred Cohen <fc@all.net>
X-Yahoo-Profile: fcallnet
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Wed, 17 Jul 2002 19:21:49 -0700 (PDT)
Subject: [iwar] [fc:CERT:.Security.reports.multiplying]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, hits=3.2 required=5.0 tests=RISK_FREE,FREE_MONEY,DIFFERENT_REPLY_TO version=2.20
X-Spam-Level: ***

CERT: Security reports multiplying
By Vivienne Fisher
ZDNet Australia
July 16, 2002, 7:23 AM PT


TalkBack!


A dramatic increase in the number of reported computer system
vulnerabilities has the global IT industry spooked, but the world's leading
security authority said there is an upside to this threat.

Larry Rogers, a senior member of the technical staff at the US-based CERT
Coordination Center, told ZDNet Australia that for the 2001 calendar year,
there were 2437 vulnerabilities reported. This compares with 1090 reported
in 2000.

For the first three months of this year, 1065 had been reported, Rogers
said.

What is responsible for such alarming growth in reported system
vulnerabilities?

Rogers believes that there has been an increased awareness of security
issues amongst businesses for a variety of reasons, including the September
11 terror attacks on the United States.

Threats posed by vulnerabilities have been on the radar of Australian
businesses over recent months. Last week a Danish security research
organisation warned users of a recently-discovered software flaw which could
leave their systems open to malicious code carried on Web pages or in
e-mails.

There has also been an alert about a BIND vulnerability which could trigger
a denial-of-service attack, and a growing number of virus warnings.

The CERT Coordination Centre, which studies Internet security
vulnerabilities, handles computer security incidents and publishes security
alerts, published 37 advisories during 2001, up from 26 for the previous
year, Rogers said.

He said advisories were issued in response to both program vulnerabilities
or configuration errors. "In some cases the person who finds it will report
it to us, or we may read about it on some of the more widely known e-mail
lists," he explained. Vendors also report problems to CERT, Rogers said,
which it then shares anonymously with other vendors before issuing an
advisory.

According to Rogers, the vast majority of its constituency were professional
system administrators, although others such as vendors also subscribe to its
lists.

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Free $5 Love Reading
Risk Free!
http://us.click.yahoo.com/TPvn8A/PfREAA/Ey.GAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:31 PDT