[SPAM] RE: [VOIPSEC] Actual Attacks
Robert Moskowitz
rgm at icsalabs.com
Mon Feb 28 15:35:52 CST 2005
At 09:18 PM 2/25/2005, Christopher A. Martin wrote:
>Most organizations will hold that information at arms length if they have
>any security or business sense at all. It's like saying "I don't have a
>firewall and all of my data is open for anyone to get at". You just don't do
>that, even with close friends. But I suspect the occurrences are lower today
>and would not dispute this fact either.
A number of companies with very good border defenses have gotten virii
attacks via VPN connects with trading partners that did not have such good
border defenses. Many companies will not apply the lastest Cisco patch to
production routers until the year-end shutdown,/maintance cycle trusting
those crunchy shells.
It is NOT our job to calculate the risk of packet collection, replay
attacks, and the like.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
E: rgm at icsalabs.com
There's no limit to what can be accomplished
if it doesn't matter who gets the credit
More information about the Voipsec
mailing list