Incidents
Vendor notification Mar 30 2005 08:13PM
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net) (1 replies)
Re: Vendor notification Mar 30 2005 08:43PM
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net) (1 replies)
And keep in mind I'm also talking from the standpoint of "I see a new
exploit for 05-002, do you guys?"

I'm not talking about security vulnerability, per se, I'm talking about
"here's the bad packets I'm seeing hitting my ports and maybe someone
needs to know about this".

I'm talking about informing about 'bad stuff in the wild' to help the
vendor know that we are all protected for this stuff.

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:

> Just a question...on your security incident checklist is there a step
> for vendor notification? Example secure (at) microsoft (dot) com for Microsoft
> products.
>
> Like for example on this list... when you report something unusual
> here ...is there a point in time that reporting it to the security
> department of Redhat, SuSe, Microsoft, etc. would be a valid exercise?
>
> I find sometimes that it's on these listservs that are the first
> 'indicators' of issues and that vendors will grab these threads and
> emails and pull in a case that should have had vendor notification
> much earlier.
>
> I've seen this happen twice personally to me where an email thread that
> I spotted got the attention of a vendor and when the poster was
> contacted they hadn't even thought it was worthy enough to report it
> to the vendor, yet in reality it was.
>
> At what point do you notify? Do you have criteria for notification?
> [heck do you have the vendor email contacts listed on your incident
> checklist?]
>
> Susan
>
> http://www.redhat.com/security/team/contact/
>
> Microsoft TechNet Security - Microsoft Security Response Center PGP Key:
> https://www.microsoft.com/technet/security/bulletin/pgp.mspx
>

--
Chapter 4 of The Complete Patch Management Book:
https://www.ecora.com/ecora/jump/pm149.asp

So why is it the only book on NT Event Logging is out of print?
http://tinyurl.com/3kwc2

And if you don't know about www.eventid.net You should!

Re: Vendor notification Mar 31 2005 12:57PM
Barrie Dempster (barrie reboot-robot net) (1 replies)
Re: Vendor notification Mar 31 2005 03:07PM
Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa pacbell net) (1 replies)
Re: Vendor notification Mar 31 2005 03:19PM
Barrie Dempster (barrie reboot-robot net) (1 replies)
Re: Vendor notification Mar 31 2005 10:27PM
Colin (colweb gmail com) (1 replies)
Re: Vendor notification Apr 01 2005 12:02PM
Barrie Dempster (barrie reboot-robot net)







 

Copyright 2008, SecurityFocus