Open Source and information security mailing list archives
 
Date: Tue, 03 Jul 2007 08:21:42 -0400
From: "J. Oquendo" <sil@...iltrated.net>
To: nick@...us-l.demon.co.uk, 
	full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Pentagon Email Servers Hacked (with the URL this time)

Nick FitzGerald wrote:
>
> _AND_ at least they noticed and moved to act against it.
>
> Every day, many hundreds of thousands of _successful_ attacks against 
> corporations, small businesses and private individuals not only go 
> unreported by them, but entirely undetected and largely unnoticed by 
> the _attacked_.
>
> The reason for this comment?  A great many of those mocking the DHS 
> over this incident are part of the group just mentioned and are too 
> stupid to ever realize it...
>


An also *informed* number of members realize the potential of gaining
greater budgets by leaving machines vulnerable in an effort to lobby
congress for yet more pork barrel money to "secure" these networks
from "uber" hackers. So let's sift through crapaganda while it's on
the table, shall we.


/* SNIP */
"“China has downloaded 10 to 20 terabytes of data from the NIPRNet
(DOD’s Non-Classified IP Router Network),” said Maj. Gen. William
Lord, director of information, services and integration in the Air
Force’s Office of Warfighting Integration and Chief Information
Officer, during the recent Air Force IT Conference in Montgomery,
Ala. (http://www.gcn.com/print/25_25/41716-1.html)"
/* END SNIP */

20 Terabytes huh. Unnoticed 20 terabytes? At that rate they would
need some massive pipes to download this all undetected. Let's
analyze the comment and the logic...

20 terabytes on an OC3 would take you 291 hours 44 minutes and 16
seconds give or take. Gigabit Ethernet, 45 hours 30 minutes and
change... So how did they manage to achieve this marvelous feat
of magic undetected. It obviously couldn't be at high speeds
which means they would have had to either go on undetected for
quite some time, or they embedded fiber taps INSIDE of a DoD
location (doubtable).

20 terabytes... I'll tell you what I think usually happens
with DoD and governmental sectors... Private corporations and
those in them slacking (http://cryptome.org/cg-leakage.htm).
Do I blame DoD, absolutely. I take a different view of this
altogether under a what if I was a contractor with no one
monitoring me...

Dictating to secretary:
"We need another million for these uh golf... *scratch that*
for these vertically integrated, high end clustered reverse
path packet injection token based AES FIPS standardized
firewalls. It's cutting edge technology which guarantees
and mitigates against unauthorized intrusions".

The government should undertake a *real* method to secure
their infrastructure. Have it revamped by industry experts
and implemented by those same experts. Not some deep pocket
contractors who will skim so much of the money away and into
accounts in the triple borders. (reality... like it or not)

-- 
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
echo infiltrated.net|sed 's/^/sil@/g' 

"Wise men talk because they have something to say;
fools, because they have to say something." -- Plato




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
