mailing list archives
Re: Navy Marine Corps Internet hit
From: Sean Donelan <sean () donelan com>
Date: Wed, 20 Aug 2003 05:11:17 -0400 (EDT)
On Tue, 19 Aug 2003, Scott Weeks wrote:
on the .pif, .scr, etc. attachments...) Maybe I was just lucky. Most
likely, though, they did not create "security zones" to keep problems
contained within certain network segments and not let them out to destroy
Luck is very important.
Like most other people I have no knowledge about how the Navy Marine
Internet works, but that won't stop me from commenting.
It sounds like a "turnkey" operation, with EDS managing everything. They
may have 100,000 users with identical configurations (software, patch
levels, etc) in one big flat network. A large homogeneous population is
vulnerable to a common infection. Nachia has a very effecient scanning
and infection process, particularly if your entire network uses RFC1918
address space internally.