Home page logo

nanog logo nanog mailing list archives

Re: Navy Marine Corps Internet hit
From: Sean Donelan <sean () donelan com>
Date: Wed, 20 Aug 2003 05:11:17 -0400 (EDT)

On Tue, 19 Aug 2003, Scott Weeks wrote:
on the .pif, .scr, etc. attachments...)  Maybe I was just lucky.  Most
likely, though, they did not create "security zones" to keep problems
contained within certain network segments and not let them out to destroy
other networks.

Luck is very important.

Like most other people I have no knowledge about how the Navy Marine
Internet works, but that won't stop me from commenting.

It sounds like a "turnkey" operation, with EDS managing everything.  They
may have 100,000 users with identical configurations (software, patch
levels, etc) in one big flat network.  A large homogeneous population is
vulnerable to a common infection.  Nachia has a very effecient scanning
and infection process, particularly if your entire network uses RFC1918
address space internally.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]