nanog mailing list archives
Re: AV/FW Adoption Sudies
From: Valdis.Kletnieks () vt edu
Date: Thu, 10 Jun 2004 16:46:34 -0400
On Thu, 10 Jun 2004 13:30:41 PDT, Eric Rescorla said:
[0] Note that this doesn't require that the chance of finding any particular bug upon inspection of the code be very low high, but merely that there not be very deep coverage of any particular code section.
Right. However, if you hand the team of white hats and the team of black hats the same "Chatter has it there's a 0-day in Apache's mod_foo handler".... Note that the rumored 0-day doesn't even have to exist - one has to wonder how many of the bugs found in Windows by all color hats were inspired by Allchin's comment under oath that there was an API flaw in Windows so severe that publishing the API could endanger national security.....
Attachment:
_bin
Description:
Current thread:
- Re: AV/FW Adoption Sudies, (continued)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Paul G (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Paul G (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Eric Rescorla (Jun 10)
- Re: AV/FW Adoption Sudies Valdis . Kletnieks (Jun 10)
- Re: AV/FW Adoption Sudies Steven M. Bellovin (Jun 10)
- Re: AV/FW Adoption Sudies Michael . Dillon (Jun 11)
- Re: AV/FW Adoption Studies Niels Bakker (Jun 11)