Re: The Morris worm to Nimda, how little we've learned or gained

["R. DuFresne" <dufresne () sysinfo com>]

On Sat, 12 Jan 2002, Michael Brennen wrote:


> There have been many such catalysts this past year to alert people
> that their networks and data are at very high risk.  If Code Red,
> Nimda and such don't fit the profile you describe above, what event
> would you expect to be sufficient to do so?  The McAfee office in
> Dallas was down for at least a day and a half in Dallas when Nimda
> hit; that was one office.  If such a breach isn't sufficient to get
> the attention of management, what is?  If Microsoft's network being
> penetrated, which was fairly widely known, isn't sufficient signal
> to companies running the same software that the same could happen to
> them, what would be?  If the FBI's data being randomly mailed around
> doesn't scare someone that it could happen to their own data, what
> will it take to sink in?
        [SNIP]

I think the person you reply to means something so totally catastrophic
that it takes down like all the core name servers or a whole gov network
or many many systems, soething o par with the 9/11/01 twin towers attack
in NY.  I could have read him wrong, but, I think he's talking on that
scale.  And it is a shame, being all the 'signals' you mention that have
been there for sure. 


Thanks,


Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards