[60926] in North American Network Operators' Group
Re: Navy Marine Corps Internet hit
daemon@ATHENA.MIT.EDU (Sean Donelan)
Wed Aug 20 05:12:01 2003
Date: Wed, 20 Aug 2003 05:11:17 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: Scott Weeks <surfer@mauigateway.com>
Cc: vern@ee.lbl.gov, <nanog@merit.edu>
In-Reply-To: <20030819134743.B66330-100000@www.mauigateway.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 19 Aug 2003, Scott Weeks wrote:
> on the .pif, .scr, etc. attachments...) Maybe I was just lucky. Most
> likely, though, they did not create "security zones" to keep problems
> contained within certain network segments and not let them out to destroy
> other networks.
Luck is very important.
Like most other people I have no knowledge about how the Navy Marine
Internet works, but that won't stop me from commenting.
It sounds like a "turnkey" operation, with EDS managing everything. They
may have 100,000 users with identical configurations (software, patch
levels, etc) in one big flat network. A large homogeneous population is
vulnerable to a common infection. Nachia has a very effecient scanning
and infection process, particularly if your entire network uses RFC1918
address space internally.
