Open Source and information security mailing list archives
 
Message-ID: <dnses3$i81$1@sea.gmane.org>
Date: Thu Dec 15 19:10:25 2005
From: davek_throwaway at hotmail.com (Dave Korn)
Subject: Re: Someone is running his mouth again...
	[Hackerattacks in US linked to Chinese military: researchers]


Valdis.Kletnieks@...edu wrote in 
news:200512151842.jBFIgnLu012104@...ing-police.cc.vt.edu
On Wed, 14 Dec 2005 16:27:57 PST, Geoff Shively said:
>> In the attacks, Paller said, the perpetrators "were in and out with no
>> keystroke errors and left no fingerprints, and created a backdoor in less
>> than 30 minutes. How can this be done by anyone other than a military
>> organization?"
>> [/snip]
>>
>> Yes, it must have been military, because they rooted the box in under 30
>> minutes, BAH!
>
>On the other hand, let's think about this for a moment.  They weren't *IN*
>in 30 minutes, they were *IN AND OUT* in 30 minutes.
>
>Sure, *anybody* can just r00t a box and leave a backdoor in 30 seconds. But
>that doesn't actually *accomplish* anything

  Your argument here isn't addressing the issue.  We're tackling the false 
assumption that "anyone other than a military organization" *could* do this. 
You're tackling the issue of whether anyone other than a military 
organization *would* do it.

  I agree with Geoff: it's a massive and essentially fraudulent 
extrapolation to go from "in and out in 30 minutes" and "didn't make typos" 
to "must have been done by a military organisation", because neither of 
those things are things that only military organisations can do.

>You hack into a big Oracle server. You're sitting there looking at a '#'
>prompt. *NOW* what do you do?

>You hack into a file server.  You're sitting there looking at a '#' prompt.
>*NOW* what do you do?

  As it suggests in the article, I don't do anything except create a 
backdoor and leave.  Then I can come back at my leisure, perhaps repeatedly 
over a long period, taking my time to see what's on the filing system and 
making as many un-logged typos as I wish.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 


