Dailydave mailing list archives

Re: How do I defend against 0day?

From: Nathan Landon <nathan.landon () digitaloperatives com>
Date: Mon, 20 Apr 2009 22:02:13 -0400

My argument would be that a security guy or administrator could use it as
amplifying information while speaking to executives at their
company.   Executives (still) don't understand zero-days,  or generally
anything about how computer security works.

CANVAS can help those IT folks amplify the information and demonstrate the
importance of taking action (disabling services, changing vendors, buy more
security technologies,  etc)

I personally have built exploits to prove that something is possible.
Ultimately to show the potential for catastrophic failure or system/network
compromise.  These demonstrations always got executives "thinking".

Nate





Nathan Landon
Digital Operatives
www.digitaloperatives.com
Cell: 808-221-9172


On Mon, Apr 20, 2009 at 7:58 PM, Richard Bejtlich <taosecurity () gmail com>wrote:

On Sun, Apr 19, 2009 at 4:55 PM, Jeffrey Czerniak <jeffcz () gmail com>
wrote:

(Moved this conversation to dailydave per Dave's suggestion)

Pardon my naivete... I am somewhere on the spectrum between "paid
security professional" and "Symantec said zero infections, how did
they get my bank password?"    I'm one of those schmoes who reads
security blogs, follows the NSA hardening guidelines, patches
regularly, browses with Firefox/NoScript, but still realizes that
there are 0day threats out there that could compromise my machine.

On Twitter, Adam Shostack argued that in effect, I'm doing the right
thing.  (http://twitter.com/adamshostack/status/1527933467)

Dave responded, no, 0day is rampant and I'm screwed.
(http://twitter.com/daveaitel/status/1553055665)

When I asked Dave what I should be doing to protect myself, he
suggested I buy a copy of CANVAS, an Early Updates subscription, and
take a class from Immunity.
(http://twitter.com/daveaitel/status/1554813723)


I find this fascinating.  Can someone who advocates this point of view
take the next steps?  Assuming you buy CANVAS and subscribe to EU, and
know what Immunity knows, and can test using CANVAS, what next?

Thank you,

Richard
 _______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

How do I defend against 0day? Jeffrey Czerniak (Apr 20)
- Re: How do I defend against 0day? Ron Gula (Apr 20)
- Message not available
  - Re: How do I defend against 0day? Jeffrey Czerniak (Apr 20)
    - Message not available
    - Re: How do I defend against 0day? Jeffrey Czerniak (Apr 20)
    - Re: How do I defend against 0day? Lurene Grenier (Apr 21)
    - Re: How do I defend against 0day? Halvar Flake (Apr 21)
    - Re: How do I defend against 0day? Nate Lawson (Apr 20)
- Re: How do I defend against 0day? Richard Bejtlich (Apr 20)
  - Re: How do I defend against 0day? Nathan Landon (Apr 20)