Re: WMF Threat OK , but no huge attack ... WHY ?

[Valdis.Kletnieks () vt edu]

On Mon, 09 Jan 2006 17:34:18 GMT, pejman.gohari () gmail com said:
> Hi,
>
> The WMF threat was and continues to be important.
> But I’m curious to know why we didn’t observe any important attack on Internet?

Maybe there was one, and we didn't notice.

> WMF was a perfect Zero-Day attack and a scenario like the blackout of Internet was possible … but nothing … or no 
> important attack! 

Only if that was a goal...

> All hackers become white-hat?

No. Many of the hackers depend on the net being *UP* to make their money.
If the net is down, it's harder to go hacking for credit card numbers, or threaten
to DDoS a specific site, or all the other ways the hackers pay their rent.

Who benefits if the *entire* net is down? (Think about that for a while....)

> Or they attacked and we didn’t see anything? 

Well, if *I* was a black hat, I'd have used the WMF hole to get a backdoor into
a fairly limited number of machines that I intended to use for benefit.  Just
think - a few compromised PC's on the internal net of each of the hundred
biggest banks...  And I'd certainly want to be as invisible as possible while
doing it.

Attachment: _bin
Description: