[Dailydave] NematodeMS

[Paul Melson]

> Nice, that would be the final blow for net IDS in the corporate
environment.  ("Don't worry 
> Dave, that scanning/exploit is friendly fire.")

I would think most corporate networks of any size would continue to use WSUS
or whatever because of the degree of control it offers them.  Today I am
interested in machines requesting patches directly from Microsoft because it
means they're not part of the normal patch management cycle and could
signify other problems as well (rogue machine, off the domain, VM, etc.).
Tomorrow will be the same, and if the new patch download traffic gets
blocked by the IDS because it looks too slimy, oh well.

PaulM