[funsec] idea
RandallM
randallm at fidmail.com
Sat Jan 3 16:37:47 CST 2009
Unless I am not understanding (because I am reading it now) it still does
not give the solution of access when a machine is compromised. Hence what
Ben, Alex and I are examining, obfuscation to the sites with access to the
tools to clean them. Compromised machines cannot "get" to anything due to
DNS changes and re-directions from malicious servers.
Now, I have yet read the full report.
On Sat, Jan 3, 2009 at 3:16 PM, Paul Ferguson <fergdawgster at gmail.com>wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Sat, Jan 3, 2009 at 12:39 PM, Tomas L. Byrnes <tomb at byrneit.net> wrote:
>
> > The concept of distributed/cloudAV has been worked on by the University
> > of Michigan crew that did the fundamental work that led to Arbor
> > Networks:
> >
> > http://www.eecs.umich.edu/fjgroup/cloudav/
> >
> > It's similar in detection concept to Sunbelt's new product in that it
> > uses multiple engines, and to the current discussion in that it is a
> > distributed system.
> >
>
> Admittedly, this is also something we (Trend Micro) started working on a
> couple of years ago, especially the "distributed protection" components in
> "the cloud" -- we were one of the first to deploy. Not meant to be a
> marketing point, but FYI:
>
> http://itw.trendmicro.com/smart-protection-network/
>
> - - ferg
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.6.3 (Build 3017)
>
> wj8DBQFJX9Wtq1pz9mNUZTMRAtOsAKDBeP3hjL4FamsSa8hYk12VGK4b5ACfbHtI
> mnwe4gv7legTAqijw8rHkTU=
> =G5hH
> -----END PGP SIGNATURE-----
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawgster(at)gmail.com
> ferg's tech blog: http://fergdawg.blogspot.com/
>
--
been great, thanks
Big R a.k.a System
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20090103/9033b740/attachment.htm
More information about the funsec
mailing list