Message-ID: <20050526203137.GD21111@force.stwing.upenn.edu>
Date: Fri May 27 12:55:31 2005
From: lists.fd.dmargoli at af0.net (Dan Margolis)
Subject: Not even the NSA can get it right

On Wed, May 25, 2005 at 11:42:45PM -0400, Paul Kurczaba wrote:
> To the NSA's advantage, I truly believe that the NSA.gov site is a 
> natural honeypot. If you think of all the people that try to break into 
> it, the NSA looks at their logs and says "Sweet!, we've learned 
> something new today. Keep on coming..."
> 
> just my $0.02

Valdis and I discussed this a little bit off-list. He disagrees, but I
contend that anything that the NSA could learn from such would be
useless to their two primary goals--securing intelligence, military, and
other government and private sector infrastructure, and conducting
interception/decryption/info war on foreign (or domestic?) "enemy"
targets. 

Consider: 

www.nsa.gov is NOT a tempting target, thus the likely attackers
are stupid kiddies. 

Stupid kiddies are not going to use anything new to the NSA on
www.nsa.gov. 

The NSA therefore learns a) what the kiddies know, and b) who the
kiddies are (assuming they don't disguise themselves well)

(a) is relatively useless; its sole value *might* be in indicating what
is "public" and thus not likely to work against a target, but given that
they are going against targets with far more resources than the average
kiddie, this is a poor, if not worthless, indicator of such. 

(b) is useless, because the NSA does not conduct law enforcement
operations against cyber criminals, nor, from what we've all heard, do
they cooperate overly well with the agencies that do. 

So they've really got nothing to gain from wasting valuable employee
time on such a stupid matter. Even the NSA hires underpaid civil
servants--and I don't think it was a top-secret spook who coded the
ColdFusion behind the front page. 

Feel free to let your own imaginations run wild, though. I've heard some
really convincing stories indicating that the Masons were behind the
September 11 attacks, too. 

> According to netcraft, they are running IIS.

You can verify this for yourself by looking at the server headers--or
running an OS fingerprinting tool against them. Sure, they could be
spoofing it, but see above. 

-- 
Dan
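The "look at the server headers" check the post mentions, written up as an added example that is not part of the original message. It parses a raw HTTP/1.x response, pulls out the Server header, and flags whether the banner discloses a product/version string; the intended use is on a site you administer, to see how much your own front end announces. The three responses are constructed for illustration, not captured from any real host, and the banner is self-reported, so (as the post notes) a server can send whatever it likes there.

```python
import re
from typing import Dict, Optional

# Constructed sample responses (not real captures) covering the three cases
# an operator usually meets: a verbose banner, a minimal one, and none at all.
CONSTRUCTED_RESPONSES = {
    "verbose": b"HTTP/1.1 200 OK\r\nServer: Microsoft-IIS/5.0\r\nContent-Length: 0\r\n\r\n",
    "minimal": b"HTTP/1.1 200 OK\r\nServer: webserver\r\nContent-Length: 0\r\n\r\n",
    "absent":  b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n",
}


def parse_response_headers(raw: bytes) -> Dict[str, object]:
    """Split a raw HTTP/1.x response into its status line and a header dict.

    Header names are lower-cased; repeated headers are joined with ', ' as
    RFC 9110 permits. The body (after the blank line) is ignored.
    """
    head, _sep, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status_line = lines[0]
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if ":" not in line:
            continue  # skip blank or malformed lines rather than crash
        name, value = line.split(":", 1)
        name, value = name.strip().lower(), value.strip()
        headers[name] = f"{headers[name]}, {value}" if name in headers else value
    return {"status": status_line, "headers": headers}


def server_banner(raw: bytes) -> Optional[str]:
    """Return the Server header value, or None if the response omits it."""
    headers = parse_response_headers(raw)["headers"]
    return headers.get("server")  # type: ignore[union-attr]


def banner_leaks_version(banner: Optional[str]) -> bool:
    """True when the banner carries a product/version token such as 'IIS/5.0'.

    A bare product name ('webserver') or a missing header is not flagged.
    """
    if not banner:
        return False
    return re.search(r"/\d", banner) is not None


def audit(responses: Dict[str, bytes]) -> Dict[str, dict]:
    """Summarise each response: banner text and whether it leaks a version."""
    report = {}
    for label, raw in responses.items():
        banner = server_banner(raw)
        report[label] = {"banner": banner, "leaks_version": banner_leaks_version(banner)}
    return report


if __name__ == "__main__":
    for label, result in audit(CONSTRUCTED_RESPONSES).items():
        print(f"{label:8s} banner={result['banner']!r:22} leaks_version={result['leaks_version']}")
```

Run it against a saved response (for example the output of `curl -si https://your-host/`) by reading the file as bytes and passing it to `audit`. A banner that is absent or minimal is the usual hardening target; a version-bearing one only tells you what the server chooses to claim.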
