Re: [ISN] FBI "Cries Wolf" Over Hackers

From: jerichot_private
Date: Tue Apr 14 1998 - 22:06:06 PDT

  • Next message: jerichot_private: "[ISN] DOE Security Web Site"

    Forwarded From: Aleph One <aleph1t_private>
    On this subject I recommend everyone to read John Howard's 
    thesis on the history of CERT reported attacks. Its quite
    interesting. The only major flaw is that John assumes that
    the percentage of sites that report incidents to CERT has
    been constant. I would argue that this is not the case,
    and that indeed the percentage has gone down as new people
    join the Internet. CERT had a high profile when they were
    formed after the Internet worm incident but who tells new
    businesses and ISPs about CERT? No one. Also hacking has
    become more popular and glamourus thanks to the media, and
    the are many more tutorial on hacking and they are easier 
    to obtain than before. You must also understand the
    use of the word "attack". They take it to mean each
    attempt to break into a site even if they dont succeed. 
    So if the attacks fingers you thats one. If they try ftp
    thats two. If they try telnet thats three. Etc. Then
    related attacks are grouped into incidents. The problem
    comes in that most people interchange "attack" and 
    "incident" without explaining what they mean. Then
    you start getting some really funny numbers.
    Aleph One / aleph1t_private
    KeyID 1024/948FD6B5 
    Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Dimensional Communications (

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:50:41 PDT