Wired has a story on the Network Associates hack.
http://www.wired.com/news/business/0,1367,40445,00.html
In the article, NAI spokesperson blames their ISP for allowing hackers to break in and
lacking security. It seems that NAI is blaming an ISP for allowing hackers in, isnt
that similiar to blaming the city which provides road access to my house which allowed
the robbers to come by & break in and steal from me?
Or it implies that maybe NAI uses a web hosting service that got hacked. Maybe NAI
should think about selling some network security to their ISP/webhoster if that is the
case.
Additional question is if the hackers changed the NAI website content, would that also
imply that the hackers could have changed the file download content of their antivirus
software and replaced with a trojan? Obviously, this is conjecture and no proof that
hackers did this, but I think it is a fair question to ask of NAI or any security
company that gets their website hacked.
[EMAIL PROTECTED] wrote:
> Maybe she was assuming that since NAI IS supposed to be a network
> security
> company (or at least one of the things they do is network
> security) they
> would have designed their network using industry accepted best
> practices
> (i.e. the "dmz off the firewall" thing.. I immediately thought
> the same
> thing.
>
> I would love to hear from NAI on what happened.. but then I guess
> we would
> get the "positive spin" version of the story. Maybe if their
> network
> security guy got fired, he will no longer be bound by loyalty and
> we can
> get the skinny... >=)
>
>
> Carric Dooley
> Senior Consultant
> COM2:Interactive Media
>
> "But this one goes to eleven."
> -- Nigel Tufnel
>
>
> On Tue, 5 Dec 2000, Paul D. Robertson wrote:
>
> > On Tue, 5 Dec 2000, Kathy wrote:
> >
> > > If you follow http://www.attrition.org/mirror/attrition/ ,
> > > it contains a list of hacked websites. Last week, Network
> Associates and McAfee's website in Brazil was hacked.
> > >
> > > For a mirror of the hacked NAI web page,
> > >
> http://www.attrition.org/mirror/attrition/2000/11/29/www.nai.com.
> br/
> > >
> > > The hackers must have bypassed NAI's Gauntlet firewall and
> CyberCop monitor?
> >
> > That's a pretty big leap to make. Most people don't put Web
> Servers
> > behind firewalls *especially* proxy-based firewalls. Also,
> there are a
> > significant number of Web server attacks that are in-band
> (HTTP-based
> > attacks), there's not a great deal a firewall can do about
> traffic that's
> > permitted (hence the long and drawn-out ranting about opening
> up inane
> > services and protocols yesterday.) Do you have any proof that
> the Web
> > site was *behind* a firewall, or is it pure conjecture?
> >
> > Paul
> >
> -----------------------------------------------------------------
> ------------
> > Paul D. Robertson "My statements in this message are
> personal opinions
> > [EMAIL PROTECTED] which may have no basis whatsoever in
> fact."
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
- Kathy
---======-----
--=========---
-============-
--=========---
---=======----
--------------
Free web-based email
Performance Testing of your web site
Only at: http://www.perfstat.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
