I have configured this list for announcements, discussion of issues,
submittal of requests/patches/questions pertaining to StJude -- and
general discussion about system survivability and intrusion resiliency
What is Intrusion Resiliency?
Intrusion Resiliency is a term that describes a system's ability to
detect an intrusion, and automaticly respond in such a way that the
system is able to restore its integrity and continue opperating, even
if with some degredation in performance. In this respect, the system
becomes self-healing in the light on a penetration.
Intrusion Resiliency contrasts to Intrusion Containment, the
stratagey of setting up compartments, jails, or virtual sub-systems, in
which an intrusion is limited to contaminating only a contained part of
a whole system. The contained intrusion is then responded to manually,
or the contamination is removed by eliminating the contaminated
compartment and replacing it with a fresh/clean copy of the compartment.
Kinda neat idea eh? I though so too.