RE: CISSP quote of the week

[Des <security () senticom co uk>]

Well without wanting to be flamed, speaking to Roger Grimes end of last year, he was quite emphatic about two things 
from his experience with honeypots, that the greatest amounts of attacks came from automated scanners looking for 
existing vulnerabilities and that this fact meant that just changing the default ports was enough to protect against 
these attacks.

This may explain the CISSP statement, which given in the context of botnets being driven by organised crime might 
actually be true.

True 0days are never going to be detected by existing signature-based techologies used by the enterprise, but this 
doesn't mean that the noisy skiddie activity isn't the most prevelant. If it works, why reinvent the wheel?

Just as we judge others, let us be judged on our own objectivity.... just `cos it has CISSP tagged onto it doesn't mean 
it isn't true. :)

BTW I ain't no CISSP ;)