Sounds familiar: Ford: The problem is with the Firestone tires, call
Firestone.

Bottom line: NAI and McAfee should have known better.  Chances are the
security staff knew better but were overruled by the bean counters, who of
course are only concerned with the bottom line of the current quarter.

-----Original Message-----
From: Ken Seefried [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 05, 2000 2:18 PM
To: [EMAIL PROTECTED]
Subject: RE: NAI & McAfee website hacked. 



The spin appears to be along the lines of "the sites were in a co-location
facility, so it's not really our fault".

Ken

-----Original Message-----
From: Carric Dooley [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 05, 2000 12:26 PM
To: Paul D. Robertson
Cc: Kathy; [EMAIL PROTECTED]
Subject: Re: NAI & McAfee website hacked. 


Maybe she was assuming that since NAI IS supposed to be a network security
company (or at least one of the things they do is network security) they
would have designed their network using industry accepted best practices
(i.e. the "dmz off the firewall" thing)..  I immediately thought the same
thing.

I would love to hear from NAI on what happened.. but then I guess we would
get the "positive spin" version of the story.  Maybe if their network
security guy got fired, he will no longer be bound by loyalty and we can
get the skinny...  >=)


Carric Dooley
Senior Consultant
COM2:Interactive Media

"But this one goes to eleven."
-- Nigel Tufnel


On Tue, 5 Dec 2000, Paul D. Robertson wrote:

> On Tue, 5 Dec 2000, Kathy wrote:
> 
> > If you follow http://www.attrition.org/mirror/attrition/ , 
> > it contains a list of hacked websites.  Last week, Network Associates
> > and McAfee's website in Brazil was hacked.
> > 
> > For a mirror of the hacked NAI web page,
> > http://www.attrition.org/mirror/attrition/2000/11/29/www.nai.com.br/ 
> > 
> > The hackers must have bypassed NAI's Gauntlet firewall and CyberCop
> > monitor?
> 
> That's a pretty big leap to make.  Most people don't put Web Servers
> behind firewalls *especially* proxy-based firewalls.  Also, there are a
> significant number of Web server attacks that are in-band (HTTP-based
> attacks), there's not a great deal a firewall can do about traffic that's
> permitted (hence the long and drawn-out ranting about opening up inane
> services and protocols yesterday.)  Do you have any proof that the Web
> site was *behind* a firewall, or is it pure conjecture?
> 
> Paul
> -----------------------------------------------------------------------------
> Paul D. Robertson      "My statements in this message are personal opinions
> [EMAIL PROTECTED]      which may have no basis whatsoever in fact."
> 
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> 
