Firewall Wizards mailing list archives
Re: .gov/.mil threat ID
From: Joseph S D Yao <jsdy () cospo osis gov>
Date: Tue, 26 Jan 1999 13:31:46 -0500 (EST)
I think the government and military may be the only organizations with the resources to respond to potential threats, but they still do not know how to effectively respond, or even to decide which events their threat detection systems log should be responded to. Apparently someone sent a "small number of probes" to a .mil site spoofed from one of my computers' addresses a few weeks ago, and they were quite paranoid about it. If the government can log but doesn't have the resources to decide what to do with that potential threat information, what good would it do a company with alot less resources? Or is the military just inept at their analysis?
There is no such thing as "the military". There are individual people, some of whom are ept, and some of whom may or may not be inept. ;-) There are also individual groups, whose response may depend on their local commanding officer's philosophies, and what they believe they have to protect. If they believe that there is a possibility of a hostile attack, and then they get packets which appear [spoofed or not] to be from your workstation, then some amount of paranoia is an appropriate response.
From the fact that you and your computer are still there, and that you
are able to talk about it, I take it that it was not a LARGE amount of paranoia. ;-] Take into account the general military response to attacks! Be thankful that they are NOT allowed to lay down retaliatory fire! ;-} -- Joe Yao jsdy () cospo osis gov - Joseph S. D. Yao COSPO/OSIS Computer Support EMT-A/B ----------------------------------------------------------------------- This message is not an official statement of COSPO policies.
Current thread:
- .gov/.mil threat ID AI mailer v .1 alpha (Jan 26)
- Re: .gov/.mil threat ID Joseph S D Yao (Jan 27)
- Re: .gov/.mil threat ID Paul D. Robertson (Jan 27)
- <Possible follow-ups>
- RE: .gov/.mil threat ID Stout, Bill (Jan 27)
- RE: .gov/.mil threat ID Crumrine, Gary L (Jan 28)
- RE: .gov/.mil threat ID Paul D. Robertson (Jan 28)
- RE: .gov/.mil threat ID David Harley (Jan 29)
- RE: .gov/.mil threat ID Paul D. Robertson (Jan 28)
- RE: .gov/.mil threat ID Stout, Bill (Jan 28)