Last Updated: 2005-01-30 23:58:51 UTC
by Handlers (Version: 1)
Various virus variants still seem to be spreading around. Nothing new, just annoying to those of us who have pledged to protect our networks. The latest is the Beagle/Bagle worm/virus.
Sometimes I forget that there are other operating systems out there besides the obvious ones. Our own handler Swa was mumbling around and found out that Apple notified only subscribed customers that patches for Mac OS X 10.2.8 and 10.3.7 were available. They cover the following:
at commands - local privilege escalation
ColorSync - heap overflow through malformed input files fixed
libxml2 - potentially exploitable buffer overflows
Mail - strange one: CAN-2005-0127: Message-ID info leak
PHP - multiple known vulnerabilities
Safari - pop-ups (when not blocked) can mislead users
SquirrelMail - CSS vulnerability fixed
More info at:
Corporations at large:
For most reading this, I'm preaching to the choir. The Beagle/Bagle variant, the patches and the MySQL bot are all just examples showing that, even if we don't know what we are protecting, we should be doing better. With the addition of IPS devices, application-filtering firewalls, etc., there really should be no excuse for why some of this stuff continues to spread around the networks at large. You can't continue to use just one piece of the technology; you have to …? Defense in Depth
With that said, there are various things that companies can do, and very soon will be required to do, to further protect these assets. VISA and MasterCard have both released requirements that companies will have to follow in order to process credit cards in the future. I think that we are finally on to something. It doesn't matter how many times I've said to "x" company in the past that they need to do "y"; now maybe they will start taking this advice more seriously than they would have previously done.
For some of us, protecting these networks is our day job, and allows us to continue to still be employed. So you might say that it is job security. But in the end we also get held responsible for what may or may not happen to these networks.
In the end I love what I do, and I can say that I take pride in the work I do. I often view the networks that I'm employed to protect as my own, and treat them as such. And when something happens to them, I take a look back and learn from the mistakes I've made to better protect them.
Visa CISP information:
MasterCard SDP information:
The views expressed here are those of the handler on duty, and do not necessarily reflect the views of the ISC.