[ISN] Cashing in on Vaporware

From: InfoSec News <isn_at_C4I.ORG>
Date: Sat 21 Apr 2001 - 02:04:59 CDT
http://www.attrition.org/security/rant/z/jericho.007.html

Cashing in on Vaporware
Thu Apr 19 09:17:21 MDT 2001
Jericho

"The CERT Coordination Center is a center of Internet security
expertise", and they have a new product to sell you. Only it isn't
really new - and it was never a stellar product to begin with.

For years, CERT has been a federally funded group handling incident
response, vulnerability analysis and published security alerts. They
are perhaps the most well known for their advisories which enjoy a
wide distribution.

The Product: Advisories

Many in the security community dismiss the CERT advisories as either
old news or too vague to be of any practical use. The two major faults
continually seen in their work are tardiness and complete lack of
detail.

CERT advisories often come weeks or months after the information has
been made public in other forums such as Bugtraq or mainstream news
outlets. For those in the security field who keep an eye on both sides
of the fence, the notion that CERT provides useful information is a
bigger joke. There have been many cases where vulnerabilities with
working exploit code circulated in both underground and public
security circles for months (in a few cases, years) before CERT
responded with an advisory. This was seen with various Solaris RPC
exploits, multivendor POP/IMAP exploits, and more recently with WU-FTP
exploits. While some hackers are abusing these vulnerabilities and
compromising a wide variety of hosts, CERT is often not aware of the
vulnerability until they begin to correlate incident reports.

[...]

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Mon Apr 23 03:03 CDT 2001