0wned .gov machines (was Re: Russian cyberwar against Estonia?)
Adam Shostack
adam at homeport.org
Sat May 19 18:23:49 EDT 2007
On Sat, May 19, 2007 at 05:01:03PM -0400, Perry E. Metzger wrote:
|
| "Trei, Peter" <ptrei at rsasecurity.com> writes:
| > 1. Do you have any particular evidence that any significant
| > number of US .gov machines are bots? They may well be, just
| > I haven't heard this.
|
| I've heard nothing formal, but my strong understanding is a lot of US
| government machines, at least if we're talking workstations on
| non-classified nets, are in fact "0wn3d" at this point. This should
http://blog.support-intelligence.com/2007/04/doa-week-14-2007.html
claims to measure bot activity. Now, it may be that US .gov hosts are
worth more, and so don't get used in random DOS attacks, but I think
this is some of the more interesting evidence out there.
I've asked some questions about it in
http://www.emergentchaos.com/archives/2007/04/month_of_owned_corporatio.html
Speaking for me only,
Adam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list