[Beowulf] Newbie

Robert G. Brown rgb at phy.duke.edu
Fri Jan 6 14:10:42 EST 2006


On Fri, 6 Jan 2006, Leif Nixon wrote:

> Not even then, unless you know for sure that there are no potential
> attackers in the whole world that are smarter than you.

See?  All serious sysadmins are raving paranoids.  Or else they are
arrogant as hell and actually think that they are smarter than all
crackers.

Often the reason they get away with thinking this is that they
administer a site where there is nothing to interest a serious cracker
and see only the dumb ones.  "Fortunately" (if that is the word:-):

   a) Smart crackers (mostly) attack sites that are worth something if
they succeed.  Like banks or businesses or hosts that they can turn to
nefarious purposes like pushing viral stealth spam.  Other sites are
useful to them only as breakouts to hide their true point of origin.
They are smarter than I am (even though they are DUMB in SO many
ways...)

   b) Studid crackers crack because "they can", crack anything that gives
them traction, using all sorts of malware.  They make a silly little
game out of it.  Fortunately they're usually DUMBER and their rootkits
often don't work, their malware scripts have bugs; they leave big
footprints if you bother to look.

This isn't a perfect separation -- there are rare smart crackers who do
it just because they can and who target boxes with no thought of gain.
Stupid crackers who try cracking valuable sites are rarer -- they end up
in jail or under restraining orders pretty quickly -- we've encountered
a very few of them and the FBI gets very interested (and I imagine that
potentially terror-linked events would get even more interest:-)

However, my systems are generally nothing special with little of 3rd
party value on them.  There have been a FEW attempts at information
theft at Duke (that I know of) -- the ones I do know of were done by
rank amateurs (grad students, postdocs) with crude methods who were
promptly identified, evidence of their nefarious activity gathered, and
who where subsequently booted far far away.

     rgb

-- 
Robert G. Brown	                       http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567  Fax: 919-660-2525     email:rgb at phy.duke.edu


_______________________________________________
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf



More information about the Beowulf mailing list