Re: Is your security 6/6/6 ready?

[Valdis.Kletnieks () vt edu]

On Sun, 04 Jun 2006 20:54:37 +0300, analyzerx said:
> you must be retarted right?

Actually, his question *is* legitimate.  I'm sure that at least a
few script kiddies will take advantage of "Mark of the Devil Day" to
cause mischief.  There were similar concerns about hackers doing stuff
in conjunction with the Y2K rollover (when they could fly under the wire).

Of course, as a co-worker and I pointed out to many people back then,
launching a hack attack when the target is probably in an 'all-hands'
alert mode *watching* for the slightest twitchiness in the system was
a bad idea.  The time to do it was on Jan 3, about 6PM local time at the
target - at which point the entire IT staff was probably saying "F**k this,
even if it's Monday, we're going out and getting falling-down, shit-faced,
blowing-chunks(*) drunk. We didn't have a Y2K disaster."

Interestingly enough, the SANS DShield project had a interesting post
regarding "non-standard incident prediction" just the other day, which
overlaps the 6/6/06 issue:

http://isc.sans.org/diary.php?storyid=1379

That sort of 'Level 8' thinking *should* be at least thought about as
part of a reasonable organizational security stance.  And at least *some*
people think something interesting is going to happen Tuesday:

http://www.cnn.com/2006/US/06/03/hell.party.ap/index.html

"According to the town's semi-official web site..."  Hmm.  Now combine
that with the SANS article's comment about fake websites targeting
World Cup fans, and add a dash of paranoia.... ;)

(*) That's *really* drunk: http://www.eforu.com/jokes/bartender/23.html

Attachment: _bin
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/