Full Disclosure mailing list archives
Re: Pro US government hackerganda
From: Valdis.Kletnieks () vt edu
Date: Fri, 14 Sep 2007 12:40:43 -0400
On Fri, 14 Sep 2007 01:41:40 -0000, jf said:
You're suffering from a logical falicy, I worked in that arena (albeit it a different agency) in incident response for quite some time, while I find the number somewhat high, it's not unreasonable, if you broke into $lots of workstations and servers on a regular basis and downloaded everything that ended in extensions like .pdf, .eml, .doc, et cetera, it wouldn't take that long to get up to very high numbers. This is exactly what has occurred and makes your assertion that of ignorance and presumption.
Right. The first point is that you'd have to break into *lots* of boxes to get enough PDF's to get 20 terabytes. That's asleep-at-the-wheel #1. Then there's asleep-at-the-wheel #2 - moving 20 terabytes off the network without the resulting traffic being noticed. It isn't rocket science to keep aggregate traffic logs and say "Wow, that workstation usually only sends a megabyte or two per day to the Outside World, mostly in the form of Google queries and GET requests for cnn.com pages. Today they've send 2 gigabytes out - I wonder what changed". Maybe that network needs to contract upload detection out to the RIAA.....
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- place bets this doesn't appear on pro us government securityfocus frontpage hack the gov (Sep 12)
- Re: place bets this doesn't appear on pro us government securityfocus frontpage Jibujibujibu (Sep 12)
- Re: place bets this doesn't appear on pro us government securityfocus frontpage Valdis . Kletnieks (Sep 12)
- Re: place bets this doesn't appear on pro us government securityfocus frontpage Paul Schmehl (Sep 12)
- Re: place bets this doesn't appear on pro us government securityfocus frontpage Robert Lemos (Sep 13)
- Pro US government hackerganda J. Oquendo (Sep 13)
- Re: Pro US government hackerganda jf (Sep 13)
- Re: Pro US government hackerganda Valdis . Kletnieks (Sep 14)
- Re: Pro US government hackerganda lostzero (Sep 14)
- Re: Pro US government hackerganda J. Oquendo (Sep 14)
- Re: Pro US government hackerganda J. Oquendo (Sep 14)
- Re: Pro US government hackerganda Richard Golodner (Sep 14)
- Re: Pro US government hackerganda Geo. (Sep 15)
- Re: Pro US government hackerganda yiri (Sep 15)
- Re: Pro US government hackerganda Richard Golodner (Sep 15)
- Re: Pro US government hackerganda blah (Sep 15)
- Re: Pro US government hackerganda php0t (Sep 15)
- Re: place bets this doesn't appear on pro us government securityfocus frontpage Robert Lemos (Sep 13)
- Re: place bets this doesn't appear on pro us government securityfocus frontpage Jibujibujibu (Sep 12)
- Re: Pro US government hackerganda jf (Sep 18)