<HTML><HEAD></HEAD>
<BODY dir=ltr>
<DIV dir=ltr>
<DIV style="FONT-SIZE: 12pt; FONT-FAMILY: 'Arial'; COLOR: #000000">
<DIV>Perhaps everything basically boils down into that, at one form or
another. How many new things are really under the sun?</DIV>
<DIV
style="FONT-SIZE: small; FONT-FAMILY: 'Calibri'; FONT-WEIGHT: normal; COLOR: #000000; FONT-STYLE: normal; TEXT-DECORATION: none; DISPLAY: inline">
<DIV style="FONT: 10pt tahoma">
<DIV> </DIV>
<DIV style="BACKGROUND: #f5f5f5">
<DIV style="font-color: black"><B>From:</B> <A title=john@blackhillsinfosec.com
href="mailto:john@blackhillsinfosec.com">John Strand</A> </DIV>
<DIV><B>Sent:</B> Wednesday, June 12, 2013 9:31 AM</DIV>
<DIV><B>To:</B> <A title=dave@immunityinc.com
href="mailto:dave@immunityinc.com">Dave Aitel</A> </DIV>
<DIV><B>Cc:</B> <A title=dailydave@lists.immunityinc.com
href="mailto:dailydave@lists.immunityinc.com">dailydave@lists.immunityinc.com</A>
</DIV>
<DIV><B>Subject:</B> Re: [Dailydave] Defeating what's next</DIV></DIV></DIV>
<DIV> </DIV></DIV>
<DIV
style="FONT-SIZE: small; FONT-FAMILY: 'Calibri'; FONT-WEIGHT: normal; COLOR: #000000; FONT-STYLE: normal; TEXT-DECORATION: none; DISPLAY: inline">Why
does it seem we are moving from blacklists to "new and improved" blacklists?
<DIV> </DIV>
<DIV>It seems like the industry is caught between choosing between things that
dont work (i.e. blacklists, "better" firewalls) and things which are hard to
implement (i.e. whitelists, better internal network segmentation, baseline
monitoring, etc.) </DIV>
<DIV> </DIV>
<DIV>I think Paul said, "Every time you hit the easy button, God deploys another
trojan on your network."</DIV>
<DIV> </DIV>
<DIV></DIV>--------------------------------<BR><BR>R. Bradley
Andrews<BR>andrews@rbacomm.com<BR>CISSP, CSSLP,
CISM</DIV></DIV></DIV></BODY></HTML>