'vuln'dev', and besides I wouldn't think that any one here would do something malicious with any idea that actually worked for the worse.
Assuming that everyone subscribed to the list has the best of intentions, what about people that can scan the publicly accessible archives? Or even the search engines that have nanog archives indexed? There's nothing wrong with kicking ideas like this around with the intention of coming up with a strategy on how to combat them, but perhaps a more discreet forum would be appropriate? I didn't get a chance to look at your idea very closely, but there are interesting possibilities brought up. Guy
On Sat, 23 Aug 2003, guy wrote:
'vuln'dev', and besides I wouldn't think that any one here would do something malicious with any idea that actually worked for the worse.
Assuming that everyone subscribed to the list has the best of intentions, what about people that can scan the publicly accessible archives? Or even the search engines that have nanog archives indexed? There's nothing wrong with kicking ideas like this around with the intention of coming up with a strategy on how to combat them, but perhaps a more discreet forum would be appropriate?
There are a lot more people subscribed to the list than you actually see posting, I'm sure many of them are representatives of the l33t h4x0r community.. My impression of most of these people is that they are very clever, and unless you post something here that is really brilliant thinking the chances are these guys can come up with most of the ideas themselves. Steve
"Stephen J. Wilcox" wrote:
On Sat, 23 Aug 2003, guy wrote:
"J. Oquendo" wrote:
'vuln'dev', and besides I wouldn't think that any one here would do something malicious with any idea that actually worked for the worse.
Stunning innocence. I had to read this statement at least four times to be sure that I was not mistaken. Then I examined the headers, and I wonder if you (J. Oquendo) are being a bit disengenous. You may be well-meaning, but I cannot believe that anyone believes such a thing.
Assuming that everyone subscribed to the list has the best of intentions, what about people that can scan the publicly accessible archives? Or even the search engines that have nanog archives indexed? There's nothing wrong with kicking ideas like this around with the intention of coming up with a strategy on how to combat them, but perhaps a more discreet forum would be appropriate?
We have seen that many people *posting* do not have the best of intentions; I can assure you that there are lurkers on Nanog (surprise, surprise) who are not nearly as naive and well-intentioned as J. O. would hope. In fact, I know that there are subscribers from various print media, various on-line media, and certainly some stunningly unpleasant characters that I run into on other lists. There is no such thing as a discreet forum. If you mean by that, a few people exchanging emails, then surely that is not a forum, not being public. If it is publically accessible, and you aren't sure of precisely every member that's on it, then it's NOT discreet. It may be obscure, but I know plenty people who specialize in the obscure.
There are a lot more people subscribed to the list than you actually see posting, I'm sure many of them are representatives of the l33t h4x0r community..
Those are hardly the persons you need worry about. There *is* no hacker community. There may be pockets here and there, with people of varying skills, and purposes, but there is no community. On the other hand, this is almost certainly not a topic for Nanog, even if the word BGP does appear in the original post. -- In April 1951, Galaxy published C.M. Kornbluth's "The Marching Morons". The intervening years have proven Kornbluth right. --Valdis Kletnieks
We have seen that many people *posting* do not have the best of intentions; I can assure you that there are lurkers on Nanog (surprise, surprise) who are not nearly as naive and well-intentioned as J. O. would hope. In fact, I know that there are subscribers from various print media, various on-line media, and certainly some stunningly unpleasant characters that I run into on other lists.
And after being /.ed several times, there are undoubtedly end-users, small enterprises, non-network folks from networking companies, and assorted other groups which don't fit the traditional network operator mold. Oh, and sales people...
On Wed, 27 Aug 2003 bdragon@gweep.net wrote:
We have seen that many people *posting* do not have the best of intentions; I can assure you that there are lurkers on Nanog (surprise, surprise) who are not nearly as naive and well-intentioned as J. O. would hope. In fact, I know that there are subscribers from various print media, various on-line media, and certainly some stunningly unpleasant characters that I run into on other lists.
And after being /.ed several times, there are undoubtedly end-users, small enterprises, non-network folks from networking companies, and assorted other groups which don't fit the traditional network operator mold. Oh, and sales people...
Case in point: http://slashdot.org/articles/03/08/27/0214238.shtml?tid=111&tid=126 references http://www.merit.edu/mail.archives/nanog/msg12818.html For those few finding the NANOG archives for the first time with this /. link, I'm sure they'll take some time to poke around recent threads with interesting titles like "Sobigf + BGP" Pete.
Stephen J. Wilcox <steve@telecomplete.co.uk> wrote:
My impression of most of these people is that they are very clever, and unless you post something here that is really brilliant thinking the chances are these guys can come up with most of the ideas themselves.
When Blaster hit back on Aug 11, I remembered an earlier NANOG post that I saw: Subject: Re: Microsoft.com attack? On Fri, 1 Aug 2003, Adam Maloney <adamm@sihope.com> wrote:
I was just thinking the other day, wouldn't it be funny if there was a worm that had infected machines attack windowsupdate.microsoft.com so you couldn't patch? :)
Despite the windowsupdate.microsoft.com vs windowsupdate.com difference, the paranoid side of me thinks that this was more than coincidental... -Sounil
And my wife said 2 days at fortuneteller camp was a waste of money - Hah! This is neat, maybe I can make some more stuff happen. "Tomorrow I will win the lottery." "My next Qwest bill will be correct." Incidentally, I'd dump that stock you just bought - the CEO of that company is going to be involved in a little "incident" next week involving 2 goats, a paper mache' reconstruction of the Eiffel tower, and a well known youth organization. The oracle has spoken :)
When Blaster hit back on Aug 11, I remembered an earlier NANOG post that I saw:
Subject: Re: Microsoft.com attack? On Fri, 1 Aug 2003, Adam Maloney <adamm@sihope.com> wrote:
I was just thinking the other day, wouldn't it be funny if there was a worm that had infected machines attack windowsupdate.microsoft.com so you couldn't patch? :)
Despite the windowsupdate.microsoft.com vs windowsupdate.com difference, the paranoid side of me thinks that this was more than coincidental...
-Sounil
Adam Maloney Systems Administrator Sihope Communications
participants (7)
-
Adam Maloney -
bdragon@gweep.net -
Etaoin Shrdlu -
guy -
Pete Kruckenberg -
Sounil Yu -
Stephen J. Wilcox