Re: [iwar] Comments on the Dartmouth Security Study

From: B.K. DeLong (bkdelong@pobox.com)
Date: 2001-09-27 07:38:09



At 07:02 AM 09/27/2001 -0700, you wrote:
> > 2.  Report of suspicious activity to law enforcement immediately to
> > facilitate the warning and investigative processes (Page 19)
>
>As in (1) above, this is likely to further overburden law enforcement
>and create an inability to differentiate or respond to the most
>important events.

Agreed, and how do you quantify what should really be reported to law 
enforcement? Even prior to said terrorist events there is an incredible 
amount of "suspicious activity", much of which is caused by kids and 
ex-employees of companies within the US.


I must say, scanning through this report I am QUITE disappointed with all 
the "events" pointed out from Israel/Palestine to US - Chinese plane 
incident to Kashmir to Yugoslavia. All of which were perpetrated by script 
kiddies in their respective countries. There might have been a few 
incidents in the Israel/Palestine conflict that may have been specifically 
targeted but the rest of this is just bullshit kidiot activity.

If Vatis REALLY wanted to put the fear of god in people he'd mention in 
1994 when some idiot who thought it might be funny to shut off a rival 
hacker's power hacked into some hydroelectric dam and had access to the 
floodgates. Or perhaps a security system of an airport in Florida that had 
an open dialup without password protection. What about the REAL 
infrastructure issues like power, water, etc? Why aren't we hearing real 
stories about that? Besides the California Power grid being stumbled upon? 
Or the age-old story of the kid who got into the ATC system of a Worcester 
airport?

All the stuff referenced in the four "conflicts" were primarily Web site 
defacements and DDoSs of non-critical networks....sometimes individual Web 
servers. The biggest DDoS to date was that of Feb 2000 - and it wasn't 
even conflict related. The worm viruses referenced most likely had nothing 
to do with the conflicts themselves - they merely took advantage of the 
fact that the incidents were in people's minds as they were in the news and 
were simply used as a means for getting people to click on the program to 
launch the worm....

Unbelievable - this report may have worse of an effect in regards to 
justifying US kiddies' activity than the "Wag the Delio" incident that 
prolonged the US/China spree.

--
B.K. DeLong
bkdelong@pobox.com
617.877.3271

http://www.brain-stream.com               Play.
http://www.the-leaky-cauldron.org        Potter.
http://www.attrition.org                       Security.
http://www.artemisiabotanicals.com     Herb.





This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:50 PDT