Firewall Wizards mailing list archives
RE: Worms, Air Gaps and Responsibility
From: "Kelly, Chris W." <ckelly () hsutx edu>
Date: Fri, 14 May 2004 08:57:14 -0500
Yeah - I worry about that some. We use a wireless internet feed from the local cable company for net access. We had some trouble with the service being there one minute and gone the next. It's very reassuring when you call them, then the "tech" calls back and you get a conversation like:

"What's wrong?"
"Service is down again."
"Hang on...um, run IPCONFIG for me."
"OK...We don't have our normal 12.xxx address - just the Windows default."
"What is it?"
"169.254..."
"You have a virus."
"Do what? Why do you say that?"
"That IP address has been in some computers I've seen that have a virus."

So then I get to school the guy on a little Windows IP and finally he agrees what the real deal is - the node is dead.

They also had an "expert" come from Dallas last week and when the "expert" got done, their DNS servers were offline about half the time. "Expert" apparently made a second trip to correct that problem. But I got to explain a little DNS to the tech and convince him that it was a failure in their system, not a problem on my end.

If they have that good an understanding of the system, it makes you really wonder what - if any - security is in place. At least it's a proprietary system and not something any old 802.11 client can lock on to.
-----Original Message-----
From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Nathan C. Smith
Sent: Thursday, May 13, 2004 8:34 AM
To: 'firewall-wizards () honor icsalabs com'
Subject: RE: [fw-wiz] Worms, Air Gaps and Responsibility

Won't it be interesting when people start looking for ways to exploit consumer appliances like Wireless Access Points, SOHO Routers, Tivos, x-boxes, and other "set-top" boxes that are unhardened in the consumer realm? A "set-top box", once infected, might have no way to clear its infection short of returning it to the distributor if the programmer was clever enough.

There are a whole range of devices, with more coming on-line every day, that are well-connected and exposed. These boxes with common OS-variants - Linux, Windows and RTOS that will be relatively inexpensive, so there will be access to the equipment, and common vulnerabilities will be available and may go unpatched.

-Nate
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards