On 6/12/13, shawn wilson <ag4ve.us@gmail.com> wrote:
This is basically untrue. I can deal with a good rant as long as there's some value in it. As it is (I'm sorta sorry) I picked this apart.
On Jun 12, 2013 12:04 AM, "Ricky Beam" <jfbeam@gmail.com> wrote:
On Tue, 11 Jun 2013 22:55:12 -0400, <Valdis.Kletnieks@vt.edu> wrote:
But seriously, how do you measure one's security?
Banks and insurance companies supposedly have some interesting actuarial data on this.
The scope is constantly changing.
Not really. The old tricks are the best tricks. And when a default install
By best, you must mean effective against the greatest number of targets.
of Windows still allows you to request old NTLM authentication and most people don't think twice about this, there's a problem.
Backwards compatibility and protocol downgrade-ability is a PITA.
It seems you are referring to two things - exploit writing vs pen testing. While I hate saying this, there are automated tools that could clean up most networks for a few K (they can also take down things if you aren't careful so I'm not saying spend 2k and forget about it). Basically, not
For the orgs that the 2K tool is likely to be most useful for, $2k is a lot of cash. The scan tools that are really worth the trouble start around 5K, and people don't like making much investment in security products, until they know they have a known breach on their hands. Many are likely to forego both, purchase the cheapest firewall appliance they can find, that claims to have antivirus functionality, maybe some stateful TCP filtering, and Web policy enforcement to restrict surfing activity; and feel safe, "the firewall protects us", no other security planning or products or services req'd.
As I indicated above, 0days are expensive and no one is going to waste one on you. Put another way, if someone does, go home proud - you're in with
[snip]
I would call this wishful thinking; 0days are expensive, so the people who want to use them, will want to get the most value they can get out of the 0day, before the bug gets fixed. That means both small numbers of high value targets, and, then... large numbers of lesser value targets. If you have a computer connected to the internet, some bandwidth, and a web browser or e-mail address, you are a probable target. If a 0day is used against you, it's most likely to be used against your web browser visiting a "trusted" site you normally visit. The baddies can help protect their investment in 0day exploit code, by making sure that by the time you detect it, the exploit code is long gone, so the infection vector will be unknown.
--
-JH