Re: "Fortune 1000 Companies Sending Spam, Phishing" (slashdot)

["Sean Donelan" <sean () donelan com>]

Brian Loe <knobdy () gmail com> said:
> On 3/30/07, Paul Vixie <paul () vix com> wrote:
> > <SNIP>
> > From the story: '...an IT
> > engineer with American Electric Power, said the stock spam came from a
> > bot-infected computer belonging to a contractor at one of its power 
generator
> > plants.'"
>
> That hits close to home in my new position - the government is
> dragging a bit on getting its new regulations in order. Unfortunately
> too, the regulations - or the preliminary guesstimate regulations - do
> not go a long way in providing security as a whole but specifically
> target systems involved in power production, black start systems and
> other systems used in the direct management and monitoring of same.
> That leaves out the most likely to be attacked admin-type systems. I
> much prefer the DoD regulations though they may not go far enough
> either.

And why do you believe government or DOD networks have significantly 
different bot infestations?

Although the washingtonpost pointed at Fortune 1000 companies, this haven't 
changed for many years.  The bot infestations are pretty similar across all 
industries and types of networks (home v. business, government v. 
commercial, financial v. social, etc, etc, etc).


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.