nanog mailing list archives

Re: NYT covers China cyberthreat


From: "calin.chiorean" <calin.chiorean () secdisk net>
Date: Wed, 20 Feb 2013 09:36:10 +0100

IMO, if we stick to the document and they are organized in military style, then a person who collects information 
should focus only on that particular phase. That person is an operator; he or she should not be kept busy remembering 
long CLI commands. The scope is to deliver ASAP.

No matter how much I like CLI and to put my fingers into text mode, I have to admit that point and click in Windows is 
an easier and faster method to achieve the task I mentioned. As Warren mentioned, if you have 20 "brains" it's easy to 
have those people port a tool from *nix to another platform and have the other 500 operators run it in Windows. It's just 
a matter of good sense and "business" effectiveness :)

Maybe I misinterpret information, but this is how I see things.

Cheers,
Calin  


---- On Wed, 20 Feb 2013 09:24:10 +0100 Warren Bailey<wbailey () satelliteintelligencegroup com> wrote ---- 

They are when you have a college full of programmers. 
 
 
From my Android phone on T-Mobile. The first nationwide 4G network. 
 
 
 
-------- Original message -------- 
From: Scott Weeks <surfer () mauigateway com> 
Date: 02/20/2013 12:23 AM (GMT-08:00) 
To: nanog () nanog org 
Subject: Re: NYT covers China cyberthreat 
 
 
 
--- calin.chiorean () secdisk net wrote: 
From: "calin.chiorean" <calin.chiorean () secdisk net> 
 
<snipped> 
:: when all tools are available for windows os, you just have to compile them. 
<snipped out the rest> 
------------------------------------------------- 
 
 
They're not all available for m$. 
 
scott 
 
 
 
 
 
 
---- On Wed, 20 Feb 2013 09:02:35 +0100 Scott Weeks  wrote ---- 
Be sure to read the source: 

intelreport.mandiant.com/Mandiant_APT1_Report.pdf 

I'm only part way through, but I find it hard to believe that 
only micro$loth computers are used as the attack OS. Maybe I 
haven't gotten far enough through the report to find the part 
where they use the *nix boxes? 
 
 
 



