RE: military strike possible?

["Mickey S. Olsberg" <mickey.olsberg () pc-ems com>]

Just to chime in here, and put this thing back into topic:

The arguments listed in this thread seem to be a little misguided, or
perhaps even naive to the workings of the US Military. You have taken a
legitimate thread about cyber-terrorism (information, or rather
unconventional warfare) and linked it to bombs and WMD (more
conventional warfare). While one possibly could lead to the other, it is
more likely that one (info.) will be used to assist with the other
(conv.). If an enemy is attacking by conventional means, isn't it safe
to say that the enemy might want to access their networks to determine
where the troops are going and with what supplies? Wouldn't they want to
hack that system and divert those troops and supplies to a place of
their choosing? This is too simplistic of an example, but you get the
point. The next part of what I have to say should serve to clue some in
to how the Government works. To say that the opinions of one person, no
matter how high up, can effect change throughout something as large as
the DoD; is about like saying that a President can snap his fingers and
produce jobs. People that need workers hire people, and unless the
President is going to start hiring more people into the Government he
cannot "create" jobs. He can only make it easier for the people that can
to do it. The same is true for Military policy. Donald doesn't turn his
head a certain way and the Military copies his action. These are all
people we are talking about, with their own opinions (look at Wes Clark
on that one). While I'm sure that the NSA, CIA, FBI, DHS, etc would love
it if the Military could retaliate against hackers, it just won't
happen. As an example, the Military is expressly FORBIDDEN from even
pinging a host that does something "questionable". One of the branches
is only allowed to do an nslookup or dig against a host, even when that
host is doing a port scan or a DoS attack. That's it, nslookup and dig.
How does that work into the conspiracy theory?

As a side note, some foreign governments treat a simple ping against one
of their networks as an Act of War (we all do know the capabilities of
ICMP don't we?). Because of this, and because IP spoofing is pretty
easy, we are very careful. Russia sees Joe Black sitting on BellSouth
ping them, so what. North Korea sees a US Military IP address ping them,
whole 'nuther ball game.

By the way, on the IMHO thing, when you use it, are you like saying that
all of your other opinions aren't honest (the ones without it)? Just
something from a person that has had to testify in Court (they tell you
never to say things like "to be honest"...). ;)

Mickey Olsberg
Network Management/Security Instructor
US Military

-----Original Message-----
From: Charles Smith [mailto:softwar () softwar net] 
Sent: Thursday, October 30, 2003 11:57 AM
To: Ranjeet Shetye; Raymer, Dan
Cc: 'Meritt James'; security-basics () securityfocus com
Subject: Re: military strike possible?

In ref. to the bombing of the PRC embassy in Belgrade...

Isn't it amazing that the USAF B-2 put only two bombs into the embassy -
one
in the computer center and one into the communications center.  Its also
amazing that the two so called reporters that were killed were never
seen on
the job as journalists.

In ref. to this entire thread - e.g. would you start WWIII just because
someone hacked the FAA or something similar...

I find it amazing the guy who started this thread is:

James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

Last time I talked to Booz Allen - it was to interview former NSA
Director
Adm. McConnell.  I put some of the interview online at
http://www.softwar.net/mcc.html

Perhaps Mr. Meritt needs to ask some of the former NSA employees working
at
Booz Allen on the subject line and report back to us.

Charlie Smith
Softwar
----- Original Message -----
From: Ranjeet Shetye <ranjeet.shetye2 () zultys com>
To: Raymer, Dan <DRaymer () webmd net>
Cc: 'Meritt James' <meritt_james () bah com>;
<security-basics () securityfocus com>
Sent: Wednesday, October 29, 2003 7:29 PM
Subject: RE: military strike possible?


> On Tue, 2003-10-28 at 13:08, Raymer, Dan wrote:
> > considering that intelligence can't even tell a Chinese embassy from
a
> > warehouse or where senior leadership is having a meeting, how do
they
expect
> > to hit a bunch of teenage script kiddies (or heavens forbid, REAL
crackers)
> > coordinating an attack via IRC?
>
> word on the streets was that the Chinese embassy was actively helping
> the Yugoslavs track American planes and co-ordinate attacks on
American
> planes by adapting Russian technology. Remember the stealth fighter
> F-117A that was lost initially ? After the Chinese embassy was
> "counselled out", no more American F-117A were lost.
>
> http://www.fair.org/activism/embassy-bombing.html
>
> as i said, no solid proof, just word on the streets.
>
> > -----Original Message-----
> > From: Meritt James [mailto:meritt_james () bah com]
> > Sent: Tuesday, October 28, 2003 11:11 AM
> > To: 'security-basics () securityfocus com'
> > Subject: military strike possible?
> >
> >
> >
> > Going from the premptive strike philosophy demonstrated in
Mideastern
> > countries, what are your thoughts on a military strike against (as
yet
> > unseen) "cyberterrorists" a'la
> > http://www.msnbc.com/news/985295.asp?0si=- if there were
extranational
> > agents tampering with identified components of the infrastructure to
> > the extent that they were risking human life?
> --
>
> Ranjeet Shetye
> Senior Software Engineer
> Zultys Technologies
> Ranjeet dot Shetye2 at Zultys dot com
> http://www.zultys.com/
>
> The views, opinions, and judgements expressed in this message are
solely
> those of the author. The message contents have not been reviewed or
> approved by Zultys.
------------------------------------------------------------------------
--
-
> Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
> The Presidio integrates PGP data encryption and XML Web Services
security
to
> simplify the management and deployment of PGP and reduce overall PGP
costs
> by up to 80%.
> FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
>
------------------------------------------------------------------------
--
--


------------------------------------------------------------------------
---
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services
security to 
simplify the management and deployment of PGP and reduce overall PGP
costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027

------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to
simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------