Re: another wave?

[gattaca () hushmail com]

Paul,

No offense taken; had my emotions surgically removed years ago :)

My motivation for my initial post was literally just me being a good "netizen". 
The fact that it was a specific group that I referred to was just the "intel" 
that had been passed along to me. I feel (personal view) that it is necessary 
to share such information in a bid to promote a higher level of cooperation 
betwix security folk, sysadmins, et cetera. You're right, it 's quite nearly 
impossible to gauge potential attacks however, it is not outside the realm 
of possibility in the information warfare arena. As to the difference; I 
believe that in order to better prepare for whatever may come down the pipe,
 one must arm themselves with information.

"reading these lists is a good first step towards being aware of the potential 
dangers out there.", I couldn't agree more.

cheers,
gattaca

-=-=-=-=-=-=-=-=-=-

At Thu, 24 May 2001 11:44:03 -0400, "Paul \"Froggy\" Schneider" <froggy () eecs cwru edu> 
wrote:
> I don't mean to sound flippant, because that's not what I'm tending 
> here.
> Nor is this a personal attack, far from it!
>
> However, I would like to ask the question, "What difference does it 
> make?"
>
> Why would I pose that question?  Well, for starters, system administrators
> should be ever vigilant in proactively mitigating risk factors that
> attract crackers.  Likewise, it is impossible to gauge for sure when 
> an
> organization might be hit with a slew of attacks and probes at once. 
> I
> understand the curiosity in regards to another potential Chinese
> onslaught, but there's no saying another organization or individual
> might have your systems and only your systems in his or her sight.
>
> I hope another wave of large scale attacks in the near future is a rumor,
> but, likewise, the only systems that really have troubles are those 
> that
> are either poorly administrated or not administrated at all! (I would
> know, I had to clean up an NT box that was sitting in a basement for 
> 3
> months that handled web, ftp, email, file sharing AND was the PDC for
> their domain (no BDC... just one PDC).)
>
> I think these attacks should remind us sysadmins that we really have 
> to
> keep on our toes and continue to do our jobs well in order to protect
> our organization's IT infrastructure.  We get paid good money to do 
> it
> (well, most of you at least. *wink*) and reading these lists is a good
> first step towards being aware of the potential dangers out there.
>
>
> Regards,
>
> Paul "Froggy" Schneider
Free, encrypted, secure Web-based email at www.hushmail.com