Firewall Wizards mailing list archives
Re: Re: Highlighting Security Issues
From: <firewalladmin () bellsouth net>
Date: Fri, 6 Aug 2004 15:03:24 -0400
Now that's a scarey picture Marcus. The real scarey part is how very possibly it would be to create such a tool. I suppose it would be possible to detect with the right AV or IDS signatures, and possibly stripped at SMTP Gateways, but based on the large number of unpatched and unprotected systems out there it would certainly find it's way into a few networks. This kind of program/tool would probably find it's heaviest use by skilled hackers and unethical systems administrators who surgically plant/run it against a select few. Imagine a scenerio where a foreign government persuads a disgruntled sysadmin (either through social engineering or for monetary reward) to "frame" a higher level government official in such a way as to remove him form his job? Your thoughts? Mark From: "Marcus J. Ranum" <mjr () ranum com> Date: 2004/08/06 Fri PM 01:41:19 EDT To: <firewalladmin () bellsouth net>, Victor Williams <vbwilliams () neb rr com> CC: <firewall-wizards () honor icsalabs com> Subject: Re: Re: [fw-wiz] Highlighting Security Issues firewalladmin () bellsouth net wrote:
And would you fake screenshots of stock quotes or would fake screenshots of porn if you were trying to get a guy in trouble?
Incompetence is not an offense in the government. If you're trying to get someone in trouble, you need to make it look like they're committing a bona-fide offense, not just something that's going to bring them a mild wrist-slapping. In today's climate, making them appear to be involved in child porn, or terrorism would be better. Hmmm.... This makes me wonder about the shifts to the balance of power that might happen if someone introduced a tool intended to introduce spurious "evidence" for such a purpose. Stuff the victim's cache with kiddie-porn, load their history, create an encrypted virtual disk of snuff movies (with a crackable password) and perhaps a few recipes for radiologic bombs... Then the tool could automatically dime them out to HR and the FBI.. Such a tool could make a great offensive weapon _or_ defensive weapon, once its existence was known. "Someone must have gotten my hard disk with Cthulhu4.0! I swear!" now becomes a an effort in plausible deniability. mjr. Mark F. MCP, CCNA "You can spend your life any way you want... But you can only spend it once." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Re: Highlighting Security Issues, (continued)
- Re: Re: Highlighting Security Issues firewalladmin (Aug 06)
- Re: Highlighting Security Issues Victor Williams (Aug 06)
- Re: Re: Highlighting Security Issues Dave Piscitello (Aug 06)
- Re: Re: Highlighting Security Issues firewalladmin (Aug 06)
- Message not available
- Re: Re: Highlighting Security Issues Marcus J. Ranum (Aug 06)
- Re: Re: Highlighting Security Issues Christopher Hicks (Aug 12)
- Re: Re: Highlighting Security Issues Adam Shostack (Aug 12)
- Re: Re: Highlighting Security Issues ArkanoiD (Aug 25)
- Re: Re: Highlighting Security Issues Matt Dunn (Aug 12)
- Low Carb Security Dave Piscitello (Aug 12)
- Message not available
- Re: Re: Highlighting Security Issues firewalladmin (Aug 06)
- Message not available
- Re: Re: Highlighting Security Issues Marcus J. Ranum (Aug 06)