Results 1 to 5 of 5
  1. #1
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491

    Default Unexpected Sales tool

    So my biz partner goes to her usual group meeting this morning and instead of running her presentation on what my company offers she instead decided to educate the group about conficker...

    Well, long story short now the entire mass is quite freaked out and wondering what to do about it and my phone for the first time in weeks is ringing...

    Who isn't above a little scare tactics to drum up business when things are short eh?

    Anyway, thanks to...

    http://forums.untangle.com/showthread.php?t=7393

    I can now pitch Untangle to these people because I have a "magic bullet" with the UT in place to detect the presence of that bug specifically. And in so doing harden thier networks further against threats like this in the future.

    However, if I manage to get a positive response from the market using this tactic, can we get regular updates like this into the UT product? When those news worthy worms pop up it would be helpful for the existing UT customer base to know that they are being watched on a proactive basis, on a network level.

    I think it does a great job of highlighting the service behind the Untangle product, which honestly is the only way I've been able to pitch this thing. And it would help to add some brad recognition into the system later.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  2. #2
    Master Untangler
    Join Date
    May 2008
    Location
    Iowa
    Posts
    121

    Default

    Ive always said, If you yell "The sky is falling" loud enough everyone in your immediate area will hear, and 1 or 2 might look up.

  3. #3
    Untangle Ninja hescominsoon's Avatar
    Join Date
    Sep 2007
    Posts
    1,704

    Default

    The biggest thing with conficker is the lack of patching...

  4. #4
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491

    Default

    Yes, and the idea is to get the customer to let me do a network maintenance to get all the boxes patched, but while I'm at it I may as well pitch in a UT to help with this issue in a more global sense.

    If panic is the tool I need to use to get in the front door so they will let me care for things sanely...

    Still, I'm thinking that developing a SQL query that can hit the UT database to check the traffic logs for signs of common nasties would be quite nice.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  5. #5
    Master Untangler
    Join Date
    Aug 2008
    Posts
    111

    Default

    the problem on the conficker query is it also shows legit updates to things like checkip.dyndns.org which if you're running the service, trips that posted query. A detailed report showed me that it was the dyndns.org then I checked the ip and remembered that it was running the updater too. Need a more detailed query to show the username such that it may not cause unnecessary panic.
    The emergingthreats snort rule updates I wrote has been handy as it's flagged a couple zero day hits already a clients. It does take a bit of tweaking though as it also shutdowns down in default mode, a number of common https order sites, banking, hotmail and p2p stuff, not all a bad thing unless you really want to use them. Took a couple weeks to get through everything I wanted.
    Dave

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2