IDS
mailing list archives
RE: Are sophisticated attacks just FUD?
From: "Rob Shein" <shoten () starpower net>
Date: Thu, 1 Jul 2004 10:08:04 -0400
From SecurityFocus, an excellent and extremely current example you can point
to:
http://www.securityfocus.com/columnists/251
Everyone: note that the boss is not talking about multi-vector attacks, but
multi-stage attacks, where multiple attacks combine into one compromise, if
I understand correctly. The alternative is that he's talking about
situations where the hacker roots a box on the DMZ, and from there roots
another box deeper inside. This is a bit trickier to discuss, as few
organizations who have been hacked will disclose the details (if anything at
all), and certainly nobody who does this sort of thing would stand up to be
counted. That said, I have personally cleaned up such a compromise myself
at a client, and have had discussions with people who have stated (with
credibility) that they have performed such a hack.
-----Original Message-----
From: Sam Heshbon [mailto:sheshbon () yahoo com]
Sent: Tuesday, June 29, 2004 12:12 PM
To: focus-ids () securityfocus com
Subject: Are sophisticated attacks just FUD?
I had a big discussion with my boss who claims most of the
IPS, SIM and other new tools are just a hype protecting from
sophisticated threats, which only exist in labs. He thinks
multi staged attacks and so on do not often happen in the
wild and shows our firewall's logs as evidence. It is true we
see mostly worms. (NMAP) scanning happens once in a while, but
he claims it's a script kiddie and the fact we have never seen
a breach means it is not a real threat (we run a large
network operation). I'm looking for statistical data showing
how frequent sophisticated attacks and advanced tools are
evolved and what their damage is to the corporate. If anyone
knows of a research showing if this is FUD or a real problem,
I'd love to prove him wrong (I'm willing to admit I'd be
happy to have some new toys ;)