Full Disclosure mailing list archives
Re: Is your security 6/6/6 ready?
From: n3td3v <n3td3v () gmail com>
Date: Sun, 4 Jun 2006 21:46:07 +0100
On 6/4/06, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:
On Sun, 04 Jun 2006 20:54:37 +0300, analyzerx said: > you must be retarted right? Actually, his question *is* legitimate. I'm sure that at least a few script kiddies will take advantage of "Mark of the Devil Day" to cause mischief. There were similar concerns about hackers doing stuff in conjunction with the Y2K rollover (when they could fly under the wire). Of course, as a co-worker and I pointed out to many people back then, launching a hack attack when the target is probably in an 'all-hands' alert mode *watching* for the slightest twitchiness in the system was a bad idea. The time to do it was on Jan 3, about 6PM local time at the target - at which point the entire IT staff was probably saying "F**k this, even if it's Monday, we're going out and getting falling-down, shit-faced, blowing-chunks(*) drunk. We didn't have a Y2K disaster." Interestingly enough, the SANS DShield project had a interesting post regarding "non-standard incident prediction" just the other day, which overlaps the 6/6/06 issue: http://isc.sans.org/diary.php?storyid=1379 That sort of 'Level 8' thinking *should* be at least thought about as part of a reasonable organizational security stance. And at least *some* people think something interesting is going to happen Tuesday: http://www.cnn.com/2006/US/06/03/hell.party.ap/index.html "According to the town's semi-official web site..." Hmm. Now combine that with the SANS article's comment about fake websites targeting World Cup fans, and add a dash of paranoia.... ;) (*) That's *really* drunk: http://www.eforu.com/jokes/bartender/23.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Symantec is the biggest cyber non-government security 'think tank' for the internet, they have regular meetings to discuss 'cyber security situations' but they have overlooked 6/6/6, they don't see it as a threat, although it could be the biggest day since September the 11th 2001 but they think 'if theres no zero-day on fd or our honey nets then theres no threat', thats funny. n3td3v group know different. We gather intelligence from the biggest blackhats on the internet, we have specific intellignece on attacks planned in less than 48 hours to be launched against network infrastructure. Blackhat conference was last year but the aftermath of Cisco is still to rain down on the internet community. SANS, SYMANTEC, CNET thought everything is safe as long as FD 'chatter' is ok, think again. Theres multiple zero-day for Cisco systems queued up to launch attacks on the internet for 6/6/6
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Is your security 6/6/6 ready? n3td3v (Jun 04)
- Re: Is your security 6/6/6 ready? analyzerx (Jun 04)
- Re: Is your security 6/6/6 ready? Valdis . Kletnieks (Jun 04)
- Re: Is your security 6/6/6 ready? n3td3v (Jun 04)
- RE: Is your security 6/6/6 ready? fractalg (Jun 04)
- Re: Is your security 6/6/6 ready? Valdis . Kletnieks (Jun 07)
- Re: Is your security 6/6/6 ready? analyzerx (Jun 07)
- Re: Is your security 6/6/6 ready? Tonnerre Lombard (Jun 07)
- Re: Is your security 6/6/6 ready? womber (Jun 09)
- Re: Is your security 6/6/6 ready? Valdis . Kletnieks (Jun 04)
- Re: Is your security 6/6/6 ready? analyzerx (Jun 04)
- Re: Is your security 6/6/6 ready? Aaron Gray (Jun 04)
- Re: Is your security 6/6/6 ready? Andrew Farmer (Jun 04)
- Re: Is your security 6/6/6 ready? Aaron Gray (Jun 04)
- Re: Is your security 6/6/6 ready? Aaron Gray (Jun 04)
- RE: Is your security 6/6/6 ready? HTRegz (Jun 04)