Snort survives first vulnerability

Thursday, 13 March 2003, 9:06 AM EST

Can you take us through the first few days after Sourcefire first learned of the vulnerability?

Jackson: We learned about it the evening of Feb. 20. Internet Security Systems discovered it. They recognized how pervasive Snort is and it led them to take a back seat to us in addressing the vulnerability and releasing the information to the public. We worked together to form a disclosure strategy. We put the elements together to mitigate the vulnerability, including the patch, so that at the start of business on Monday March 3, we were ready with everything needed to remediate.

Snort is used heavily in the (U.S.) government. We concluded that we should include NIPC in the initial disclosure and let them guide us on the disclosure strategy (on Feb. 27). They used the subsequent week to mitigate and patch anything. Last Monday (March 3), we made the disclosure to our customers and the public.

[ Read more ]

Related items




Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //