Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Cuckoo's egg on the face - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cuckoo's egg on the face
Recently, when I couldn't find anything decent to read in an airport bookstore awash with "get rich quick" and "management" books, I ended up buying a copy of Cliff Stoll's "The Cuckoo's Egg". Yes, I've read this before, like every infosec professional should, but it's been a while. The first time 'round, I had read it pretty much like an entertaining crime novel. Not this time, when I kept asking myself "could this still happen today", and usually ended up answering in the affirmative. Take the password issue. Most of the problems Cliff had to fight revolve around guessable or disclosed passwords. That was back in 1987. Now, twenty years later, a significant portion of the hostile traffic seen by DShield are password guessing attacks against VNC, SSH, SMB. Looks like feeling smug about our achievements as computer security specialists might be a bit premature.



Daniel

367 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!