Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Recent Attacks

From: Malcolm Holser <mholser () Adobe COM>
Date: Wed, 16 Feb 2000 23:40:36 -0800
At 09:56 AM 2/16/00 , Bennett Todd wrote:

I may be a cad and a barbarian, but I'm less concerned with
identifying who's doing it, and more concerned with making the
attacks harder to mount, and easier to stop.


Personal opinion warning here!

These attacks were helped along really well by sloppy IS folks at big
sites (like UCSC and the Navy).  The daemon that had been hacked onto
the source sites was well-known and warned against since December at least.
There were scripts available to scan your hosts for this.

While the attacks probably were meant as a "wake up" call, the ones who
need to wake up are the folks running the sites that were the sources of the
flood.

Firewalls are great -- the condoms of the internet, but you also want to
have folks checked for viruses routinely if they are going to be playing
in this bar!

I wonder if eTrade can sue the intermediate hosts involved here for failure to
take reasonable precautions to insure their machines were not co-opted
for criminal usage. I bet some of these site have got very, very deep pockets... 

Malcolm Holser
Previous By Date Next
Previous By Thread Next

Current thread: