nanog mailing list archives

Re: Navy Marine Corps Internet hit

From: Sean Donelan <sean () donelan com>
Date: Wed, 20 Aug 2003 05:11:17 -0400 (EDT)


On Tue, 19 Aug 2003, Scott Weeks wrote:

on the .pif, .scr, etc. attachments...)  Maybe I was just lucky.  Most
likely, though, they did not create "security zones" to keep problems
contained within certain network segments and not let them out to destroy
other networks.


Luck is very important.

Like most other people I have no knowledge about how the Navy Marine
Internet works, but that won't stop me from commenting.

It sounds like a "turnkey" operation, with EDS managing everything.  They
may have 100,000 users with identical configurations (software, patch
levels, etc) in one big flat network.  A large homogeneous population is
vulnerable to a common infection.  Nachia has a very effecient scanning
and infection process, particularly if your entire network uses RFC1918
address space internally.

Current thread:

Navy Marine Corps Internet hit Sean Donelan (Aug 19)
- Re: Navy Marine Corps Internet hit Scott Weeks (Aug 19)
  - Re: Navy Marine Corps Internet hit Gary E. Miller (Aug 19)
- <Possible follow-ups>
- Re: Navy Marine Corps Internet hit vern (Aug 19)
  - Re: Navy Marine Corps Internet hit Scott Weeks (Aug 19)
    - Re: Navy Marine Corps Internet hit Sean Donelan (Aug 20)
    - Re: Navy Marine Corps Internet hit Scott Weeks (Aug 20)
  - Re: Navy Marine Corps Internet hit Adi Linden (Aug 19)
- RE: Navy Marine Corps Internet hit McBurnett, Jim (Aug 20)
  - RE: Navy Marine Corps Internet hit Scott Weeks (Aug 20)