Re: [ISN] Worms Invade, To Network Operators' Dismay

From: mea culpa (jerichoat_private)
Date: Thu Dec 03 1998 - 12:13:39 PST

  • Next message: mea culpa: "[ISN] Web Firms Urged to Self-Regulate"

    Reply From: Felix von Leitner <leitnerat_private-berlin.de>
    
    Thus spake mea culpa (jerichoat_private):
    > [http://www.zdnet.com/intweek/stories/news/0,4164,2169798,00.html]
    
    This article is a great example of worthless data.
    It does not convey anything useful, only FUD and incompetence.
    
    I am actually quite disappointed that you post articles like this, since
    the very reason that mailing lists like ISN exist is so that people like
    me only get the interesting information, separating the chaff from the
    weed.
    
    > Worms Invade, To Network Operators' Dismay
    > By Randy Barrett
    > November 30, 1998 9:41 AM ET
    
    > The intrusion appears to be aimed at Internet service providers' Internet
    > Message Access Protocol (IMAP) servers, which manage e-mail
    > systems.Networks running the Linux operating system version 5.0 from Red
    > Hat Software Inc. on Intel Corp.-based machines appear to be particularly
    > susceptible. 
    
    Why not name the ticker symbols, too?  As if it was Intel's fault that
    people are too dumb to install the patches? 
    
    > The problem was identified in June by the Computer Emergency Response Team
    > at Carnegie Mellon University.
    
    CERT never identified anything.
    They merely relay the reports.
    
    > Now, hackers are using the weakness to perpetuate the worm program.
    
    Bullshit.  If it's a worm, it spreads all by itself.
    
    > The program quietly takes over key components of the root, or central,
    > program and uses the host computer to probe and attack other networks
    > without the systems administrator's knowledge.
    
    The root program.
    Wow.
    What epitome of incompetence.
    People like this should continue writing about Windows NT.
    
    > "The problem with these things is that once they become known, hackers use
    > the CERT advisories to probe networks," said Daniel Senie, president of
    > Amaranth Networks Inc.
    
    This sentence made me post a reply.
    CERT advisories never helped anyone to hack into a machine, because they
    purposely omit the relevant information.  This guy obviously has no idea
    what he is talking about.  Maybe they should have asked his technical
    director, not the president.  Whatever Amaranth Networks is doing, it is
    hopefully not related to the Internet.
    
    > Someone tried to break into Senie's network to find the IMAP weak
    > spot, but the firewall held.
    
    Oh, the firewall held.
    Probably the hacker did not try often enough.
    
    > The hacker left a few clues behind: The attacks came from California
    > Polytechnic State University, the City University of New York and
    > several other schools. But those locations aren't likely to be the
    > hackers' home base. "They've done a reasonable job making it look like
    > the [code] they added was there all along," he said. 
    
    Fortunately for the world, Mr. Senie's pure genius thwarted the hacker's
    weak attempt.
    
    This is incredible.  If you posted this to show that the world is full
    of crap, you succeeded months ago.  You can stop forwarding crap like
    this now. ;)
    
    I suggest that we add a X-BS-Level: header which rates articles from 1
    to 6, 6 being the highest bullshit level.
    
    Felix
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:13:10 PDT