[PLUG] Joe Jobbed - security considerations
M. Edward (Ed) Borasky
znmeb at cesmail.net
Wed Oct 10 05:34:15 UTC 2007
Ronald Chmara wrote:
> So, hokay. A bit about frsirt, and my experience in the field....
>
> I had this hardcore gig for about a year, where I was part of a 24/7
> team that did nothing but monitor the existing known set of exploits,
> write patten matching code (think of something like snort on
> steroids, with end-user clients that could nuke other people (not a
> rhetorical device)), and build detection rules for the exploits. One
> of our best research tools was frsirt, because quite a few (half to
> 80%) of their warnings, for a long time, came with PoC (Proof of
> Concept) code to run, which made our lives easier.
[snip]
Reminds me of that set of photos -- "So you hate your job" :)
Seriously, though, I just can't imagine a worse job in computing. It
takes a special breed to do stuff like that. My hat is off to you, etc.
Me ... I'd rather clean up after elephants in a circus.
More information about the PLUG
mailing list