Full Disclosure mailing list archives
Re: Not even the NSA can get it right
From: Dan Margolis <lists.fd.dmargoli () af0 net>
Date: Thu, 26 May 2005 16:31:38 -0400
On Wed, May 25, 2005 at 11:42:45PM -0400, Paul Kurczaba wrote:
To the NSA's advantage, I truly believe that the NSA.gov site is a natural honeypot. If you think of all the people that try to break in to it, the NSA looks at their logs and says "Sweet!, we've learned something new today. Keep on comming..." just my $0.02
Valdis and I discussed this a little bit off-list. He disagrees, but I contend that anything that the NSA could learn from such would be useless to their two primary goals--securing intelligence, military, and other government and private sector infrastructure, and conducting interception/decryption/info war on foreign (or domestic?) "enemy" targets. Consider: www.nsa.gov is NOT a tempting target, thus the likely attackers are stupid kiddies. Stupid kiddies are not going to use anything new to the NSA on www.nsa.gov. The NSA therefore learns a) what the kiddies know, and b) who the kiddies are (assuming they don't disguise themselves well) (a) is relatively useless; it's sole value *might* be in indicating what is "public" and thus not likely to work against a target, but given that they are going against targets with far more resources than the average kiddie, this is a poor, if not worthless, indicator of such. (b) is useless, because the NSA does not conduct law enforcement operations against cyber criminals, nor, from what we've all heard, do they cooperate overly well with the agencies that do. So they've really got nothing to gain from wasting valuable employee time on such a stupid matter. Even the NSA hires underpaid civil servants--and I don't think it was a top-secret spook who coded the ColdFusion behind the front page. Feel free to let your own imaginations run wild, though. I've heard some real convincing stories indicating that the Masons were behind the September 11 attacks, too.
According to netcraft, they are running IIS.
You can verify this for yourself by looking at the server headers--or running an OS fingerprinting tool against them. Sure, they could be spoofing it, but see above. -- Dan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Not even the NSA can get it right, (continued)
- Re: Not even the NSA can get it right Steve Wray (May 24)
- Re: Not even the NSA can get it right Dan Margolis (May 25)
- Re: Not even the NSA can get it right J.A. Terranson (May 25)
- Re: Not even the NSA can get it right James Tucker (May 25)
- Re: Not even the NSA can get it right milw0rm Inc. (May 25)
- Re: Not even the NSA can get it right Valdis . Kletnieks (May 25)
- Re: Not even the NSA can get it right Dan Margolis (May 25)
- Re: Not even the NSA can get it right Valdis . Kletnieks (May 25)
- Re: Not even the NSA can get it right Steve Kudlak (May 26)
- Re: Not even the NSA can get it right Steve Wray (May 24)
- Re: Not even the NSA can get it right Paul Kurczaba (May 25)
- Re: Not even the NSA can get it right Dan Margolis (May 27)
- Re: Not even the NSA can get it right Barrie Dempster (May 27)
- Re: Not even the NSA can get it right James Tucker (May 27)
- Re: Not even the NSA can get it right Eric Paynter (May 30)
- Re: Not even the NSA can get it right Mister Coffee (May 25)
- RE: Not even the NSA can get it right James Longstreet (May 25)