This document is an attempt at predicting the worst possible future of worms, given the current computer science possibilities. Following this, the document then attempts to provide hints on solutions that could be used in defense against new threats.<\/p>\n","protected":false},"excerpt":{"rendered":"
In the end, what is left and what could be done as an emergency measure? I’m afraid there’s not much that can be done to approach 100% efficiency.<\/p>\n
Probably one of the most promising security measures would be traffic shaping IDSes and communication between different ones. They still need a lot of improvement to prevent false positives, because false positives tend to bore administrators who then end up not listening to alerts anymore.<\/p>\n
Full disclosure of vulnerabilities is surely a way of facilitating the task of exploit writing. On the other hand, imposing a total blackout on vulnerability discovery and disclosing it only to the vendor (or publisher) of a piece of software is surely a way of; 1- not inciting hackers to discover holes, and 2-having some hackers keep them for their group of friends to carry out their own exploits. <\/p>\n
Good old solution: patch, patch, patch
\nLast word: patching a system as soon as a solution has been found to a security vulnerability has always been the best solution to avoid security problems.<\/p>\n
More info: http[url=http:\/\/www.net-security.org\/dl\/articles\/wf.pdf]:\/\/www.net-security.org\/dl\/articles\/wf.pdf[\/url]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2017","post","type-post","status-publish","format-standard","hentry","category-trends"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2017","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2017"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2017\/revisions"}],"predecessor-version":[{"id":4504,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2017\/revisions\/4504"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2017"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2017"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2017"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}