Full Disclosure mailing list archives
Re: Facebook Attach EXE Vulnerability
From: Peter Dawson <slash.pd () gmail com>
Date: Tue, 1 Nov 2011 11:56:43 -0400
Yes to a certain degree its all about " Saving FACE". .. however FB's 30member integrity team is only bothered about how to manage the vectors that have been primed to protect. FB is the largest network "protected" .. (YES big word Protected !! / they have over 25B checks per day and reaching upto 65K/sec at peak. Building an Immune System as large as FB's takes time, but its only on known vectors. The unknown is never realized unless one is willing to collaborate and confirm with user/community. Large Org's have the syndrome if living in the "ivory tower" and that is the biggest downfall. What could have happened if a zero day was filed and alternative markets were sought with this bug ? Yes, alternative markets pay better !.. but just saying. .what was damage ratios to users ? /pd On Tue, Nov 1, 2011 at 9:03 AM, Mikhail A. Utin <mutin () commonwealthcare org>wrote:
Face Book is trying to save its face. It's typical. I got the same answer from SonicWALL one year ago when discovered that simple internal network scanning (Nessus, Nmap, etc.) brings down entire network. The firewall internal TCP connections stack was overloaded within a few seconds (IPS is not enabled, thus was not accepting new connections. Mikhail A. Utin, CISSP Information Security Analyst
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Facebook Attach EXE Vulnerability mutiny (Nov 01)
- Re: Facebook Attach EXE Vulnerability Ferenc Kovacs (Nov 01)
- Re: Facebook Attach EXE Vulnerability Valdis . Kletnieks (Nov 01)
- Re: Facebook Attach EXE Vulnerability xD 0x41 (Nov 01)
- Message not available
- Re: Facebook Attach EXE Vulnerability xD 0x41 (Nov 01)
- Re: Facebook Attach EXE Vulnerability Valdis . Kletnieks (Nov 01)
- Re: Facebook Attach EXE Vulnerability Ferenc Kovacs (Nov 01)
- <Possible follow-ups>
- Re: Facebook Attach EXE Vulnerability Mikhail A. Utin (Nov 01)
- Re: Facebook Attach EXE Vulnerability Peter Dawson (Nov 01)
- Re: Facebook Attach EXE Vulnerability xD 0x41 (Nov 01)
- Re: Facebook Attach EXE Vulnerability Peter Dawson (Nov 01)
