[80718] in North American Network Operators' Group
Re: Internet attack called broad and long lasting
daemon@ATHENA.MIT.EDU (Gadi Evron)
Wed May 11 06:43:42 2005
Date: Wed, 11 May 2005 13:44:22 +0300
From: Gadi Evron <gadi@tehila.gov.il>
To: Alexei Roudnev <alex@relcom.net>
Cc: Sean Donelan <sean@donelan.com>, nanog@merit.edu
In-Reply-To: <001401c55601$b0dc49b0$6401a8c0@alexh>
Errors-To: owner-nanog@merit.edu
Alexei Roudnev wrote:
> O, my god. Primitive hack, primitive ssh exploit.... I watched it all 6
> years ago, bnothing changed since this.
>
> It is _minor_ incident, in reality.
Primitive I can understand, but _minor_?
First, I don't really see why an attack should be estimated by the tool
used. If a 10 years old exploit would work, why should an attacker look
for and use a 0day? It's silly allocation of resources.
Burrowing from that, if the attack is successful, and the loss is
significant, I think the way there - although cute, is irrelevant except
for the defender.
Gadi.