Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Materials regarding Cyber-war
From: coderman <coderman () gmail com>
Date: Wed, 23 Mar 2011 13:33:04 -0700

On Wed, Mar 23, 2011 at 12:22 PM, imipak <imipak () gmail com> wrote:


re: """The IP address of the initial attack was recorded and has been
determined to be assigned to an ISP in Iran. A web survey revealed one
of the certificates deployed on another IP address assigned to an
Iranian ISP. The server in question stopped responding to requests
shortly after the certificate was revoked....
While the involvement of two IP addresses assigned to Iranian ISPs is
suggestive of an origin, this may be the result of an attacker
attempting to lay a false trail."""

iran is pretty incompetent in most information technology respects.
odds strongly favor pwn hops through their unmonitored, unmaintained,
unhardened, sloppy conglomerations of servers and switches...*

i suppose we can add RSA to the thread:

although any time someone blames ADVANCED persistent threat i like to
recall fondly the Aleatory threat,
if you've been lazy on infosec, opsec for a while without calamity by
sheer luck, this is definitely the year your luck will run out. lazy
== pwned

* like all generalizations this is false.
   , in whole yet frequently true in parts. ;)

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]