Dailydave mailing list archives

Re: NematodeMS

From: "Paul Melson" <pmelson () gmail com>
Date: Mon, 18 Feb 2008 10:14:52 -0500

Nice, that would be the final blow for net IDS in the corporate

environment.  ("Don't worry

Dave, that scanning/exploit is friendly fire.")


I would think most corporate networks of any size would continue to use WSUS
or whatever because of the degree of control it offers them.  Today I am
interested in machines requesting patches directly from Microsoft because it
means they're not part of the normal patch management cycle and could
signify other problems as well (rogue machine, off the domain, VM, etc.).
Tomorrow will be the same, and if the new patch download traffic gets
blocked by the IDS because it looks too slimy, oh well.

PaulM

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

NematodeMS Dave Aitel (Feb 16)
- Re: NematodeMS Jared DeMott (Feb 18)
  - Re: NematodeMS dan (Feb 18)
  - Re: NematodeMS Paul Melson (Feb 18)