> I have heard some rather unsettling rumours that another round of hacker
> hostilities is approaching. Apparently Chinese hackers are planning to
> release a variety of worms in the near future.
>
> My question to the list: is there any validity to this information? I have
> seen a new scan pattern that is searching out recently exploited ports,
> as have several others who responded to my earlier posts.
>
> Any information would be greatly appreciated.

I don't mean to sound flippant, because that's not what I'm intending here. Nor is this a personal attack, far from it! However, I would like to ask the question, "What difference does it make?"

Why would I pose that question? Well, for starters, system administrators should be ever vigilant in proactively mitigating risk factors that attract crackers. Likewise, it is impossible to gauge for sure when an organization might be hit with a slew of attacks and probes at once. I understand the curiosity in regards to another potential Chinese onslaught, but there's no saying another organization or individual might have your systems and only your systems in his or her sight.

I hope another wave of large-scale attacks in the near future is a rumor, but, likewise, the only systems that really have troubles are those that are either poorly administrated or not administrated at all! (I would know, I had to clean up an NT box that was sitting in a basement for 3 months that handled web, ftp, email, file sharing AND was the PDC for their domain (no BDC... just one PDC).)

I think these attacks should remind us sysadmins that we really have to keep on our toes and continue to do our jobs well in order to protect our organization's IT infrastructure. We get paid good money to do it (well, most of you at least. *wink*) and reading these lists is a good first step towards being aware of the potential dangers out there.

Regards,
Paul "Froggy" Schneider

This archive was generated by hypermail 2b30 : Thu May 24 2001 - 09:03:07 PDT