Firewall Wizards mailing list archives
Re: Scare Me !!
From: Lance Spitzner <spitzner () dimension net>
Date: Fri, 11 Jun 1999 17:32:29 -0400 (EDT)
On Thu, 10 Jun 1999, Ken Hardy wrote:
I need to induce a healthy respect for Internet dangers into some folks around here. I know the dangers, or enough of them, but it's wearing to try to educate one after another exec, network tech, etc.
Two papers that may help. "Know Your Enemy" covers the tools and tactics of script kiddies. How the randomly probe the Internet for vulnerable targets. http://www.enteract.com/~lspitz/enemy.html "Know Your Enemy:III" covers step by step how a script kiddie hacks a system, covers his tracks, and then monitors your every move. The paper is based on a system that was hacked last month. I have system logs and keystrokes to verify the black-hat's every move. http://www.enteract.com/~lspitz/enemy3.html Hope that helps :)
In addition to the regular sort of security literature, a list of real-life (or very possible) security incidents that could help foster a healthy respect for the potential dangers might be real useful. An internet shop of horrors website, perhaps. I'd appreciate anything useful in this regard. I'm trying to reach the sort of people who think that a) we have a firewall so we're safe; b) a packet filter is a firewall (even if all ports >1024 are open!); c) desktop modems are nothing to worry about; d) we *need* to support the impossible-to-defend protocols of the latest whiz-bang internet app through the firewall; e) policy? we don't need no stinkin' policy; f) etc., etc., etc. -- KH
Lance Spitzner http://www.enteract.com/~lspitz/papers.html Internetworking & Security Engineer Dimension Enterprises Inc
Current thread:
- RE: Scare Me !!, (continued)
- RE: Scare Me !! Joseph Judge (Jun 15)
- RE: Scare Me !! Jody C. Patilla (Jun 15)
- RE: Scare Me !! Joseph Judge (Jun 20)
- RE: Scare Me !! Marcus J. Ranum (Jun 15)
- RE: Scare Me !! Eric Budke (Jun 20)
- RE: Scare Me !! Joseph Judge (Jun 20)
- RE: Scare Me !! Jody C. Patilla (Jun 15)
- RE: Scare Me !! andrew . c . howard (Jun 14)
- RE: Scare Me !! sean . kelly (Jun 14)
- Scare Me !! Ken Hardy (Jun 14)
- Re: Scare Me !! Ken Hardy (Jun 14)
- Re: Scare Me !! Lance Spitzner (Jun 14)
- Re: Scare Me !! Alec Muffett (Jun 14)
- Re: Scare Me !! Technical Incursion Countermeasures (Jun 15)
- Re: Scare Me !! Technical Incursion Countermeasures (Jun 15)
- RE: Scare Me !! Copp, Carlton (Jun 15)
- RE: Scare Me !! Feeney, Tim (Jun 15)
- RE: Scare Me !! Joe Pung (Jun 20)
- RE: Scare Me !! Waszak, Thomas (Jun 15)
- Re: Scare Me !! Joseph S D Yao (Jun 16)
- Re: Scare Me !! Robert Graham (Jun 20)
- RE: Scare Me !! Joseph Judge (Jun 15)