[88835] in North American Network Operators' Group


Re: and here are some answers [was: Quarantine your infected users spreading malware]

daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Tue Feb 21 01:11:34 2006

Date: Tue, 21 Feb 2006 06:10:31 +0000
From: bmanning@vacation.karoshi.com
To: Rob Thomas <robt@cymru.com>
Cc: bmanning@vacation.karoshi.com, NANOG <nanog@merit.edu>
In-Reply-To: <Pine.GSO.4.62.0602210003040.20788@qentba.nf23028.arg>
Errors-To: owner-nanog@merit.edu


On Tue, Feb 21, 2006 at 12:04:17AM -0600, Rob Thomas wrote:
> ] 	true enough.  but "auntie jane" doesn't have linux/unix web server(s)
> ] 	or router(s) (other than the one provided by her ISP and managed by them)
> ] 	and has zero clue about overly permissive <service> machines.
> 
> Agreed.  Instead all of her financial records are on those
> unix web/database servers, or transit through those routers,
> etc.  There's a reason why such devices are popular with
> the criminals.  :(


	what's the objective?  ID theft, fiscal mayhem - go for the
	infrastructure stuff (like you say). lowest visible impact
	for very high fiscal return.
	destabilize the trust model, perceptions of availability?
	large zombie packs might be your best bet.
	(we're not in it for the money, we want social change!)

> 
> -- 
> Rob Thomas
> Team Cymru
> http://www.cymru.com/
> ASSERT(coffee != empty);
