Hear, hear.   VERY well put.  I agree 100%...

*********** REPLY SEPARATOR  ***********

On 12/7/2000 at 6:26 AM Crumrine, Gary L wrote:

>Not to criticize the writing of Wired, or of any magazine for that matter,
>but I have come to the conclusion that it is not always wise to believe
>everything that appears in print that comes from "unnamed sources" or
>without hard data to support the premise, and is repeatable by others with
>the same results.  I think it fair to withhold judgement until NAI has had a
>chance to formulate an official response.  If the article is accurate and
>this was their Official response, then...who knows...
>
>I too share a concern that the ISP in question may be feeling the brunt of
>the firestorm, but not knowing what the agreement/contract between them
>says, it is hard to say who is at fault.  It does however bring up an
>interesting point that we all should take note of.  When outsourcing the
>hosting of your website, or any other service.. there is a certain
>responsibility on both parties to make sure that all rocks are turned over
>and every expectation is addressed in writing.  Spell it out what sort of
>security measures you expect, document who is responsible for what... then
>there is no gray area that ends up biting your backside when something like
>this occurs.  It is just plain old good business sense.  Also, if you want
>special measures, you have to be willing to pay for them as well.
>
>ISPs are in the business of providing access to the Internet.  I personally
>feel the responsibility for protection still remains with the owner of the
>website.  Whether that takes the form of increased measures,  making a
>better choice of ISPs or making sure you have an agreement that is workable
>and covers all the issues.  The onus still remains with the owner of the
>data.  
>
>Now I know there are a lot of companies out there that offer secure hosting
>solutions as a way of generating increased revenue, but I think we are a
>long way from expecting all ISPs to adopt the increased security measures
>this would take.
>
>I agree that pointing a finger at the ISP may be the easy way out, but it
>may not be all their fault.  Both the ISP and NAI are victims... not the
>criminals.   
>
>> -----Original Message-----
>> From:        Kathy [SMTP:[EMAIL PROTECTED]]
>> Sent:        Wednesday, December 06, 2000 7:41 PM
>> To:  [EMAIL PROTECTED]
>> Subject:     More info on NAI & McAfee website hacked.  
>> 
>> 
>> Wired has a story on the Network Associates hack.
>> http://www.wired.com/news/business/0,1367,40445,00.html
>> 
>> In the article, NAI spokesperson blames their ISP for allowing hackers to
>> break in and lacking security.  It seems that NAI is blaming an ISP for
>> allowing hackers in, isn't that similar to blaming the city which provides
>> road access to my house which allowed the robbers to come by & break in
>> and steal from me?  
>> 
>> Or it implies that maybe NAI uses a web hosting service that got hacked.
>> Maybe NAI should think about selling some network security to their
>> ISP/webhoster if that is the case.
>> 
>> Additional question is if the hackers changed the NAI website content,
>> would that also imply that the hackers could have changed the file
>> download content of their antivirus software and replaced with a trojan?
>> Obviously, this is conjecture and no proof that hackers did this, but I
>> think it is a fair question to ask of NAI or any security company that
>> gets their website hacked.  
>> 
>> 
>> [EMAIL PROTECTED] wrote: 
>> > Maybe she was assuming that since NAI IS supposed to be a network security
>> > company (or at least one of the things they do is network security) they
>> > would have designed their network using industry accepted best practices
>> > (i.e. the "dmz off the firewall" thing..  I immediately thought the same
>> > thing.
>> > 
>> > I would love to hear from NAI on what happened.. but then I guess we would
>> > get the "positive spin" version of the story.  Maybe if their network
>> > security guy got fired, he will no longer be bound by loyalty and we can
>> > get the skinny...  >=)
>> > 
>> > 
>> > Carric Dooley
>> > Senior Consultant
>> > COM2:Interactive Media
>> > 
>> > "But this one goes to eleven."
>> > -- Nigel Tufnel
>> > 
>> > 
>> > On Tue, 5 Dec 2000, Paul D. Robertson wrote:
>> > 
>> > > On Tue, 5 Dec 2000, Kathy wrote:
>> > > 
>> > > > If you follow http://www.attrition.org/mirror/attrition/ ,
>> > > > it contains a list of hacked websites.  Last week, Network
>> > > > Associates and McAfee's website in Brazil was hacked.
>> > > > 
>> > > > For a mirror of the hacked NAI web page,
>> > > > http://www.attrition.org/mirror/attrition/2000/11/29/www.nai.com.br/
>> > > > 
>> > > > The hackers must have bypassed NAI's Gauntlet firewall and
>> > > > CyberCop monitor?
>> > > 
>> > > That's a pretty big leap to make.  Most people don't put Web Servers
>> > > behind firewalls *especially* proxy-based firewalls.  Also, there are a
>> > > significant number of Web server attacks that are in-band (HTTP-based
>> > > attacks), there's not a great deal a firewall can do about traffic that's
>> > > permitted (hence the long and drawn-out ranting about opening up inane
>> > > services and protocols yesterday.)  Do you have any proof that the Web
>> > > site was *behind* a firewall, or is it pure conjecture?
>> > > 
>> > > Paul
>> > > -----------------------------------------------------------------------------
>> > > Paul D. Robertson           "My statements in this message are personal opinions
>> > > [EMAIL PROTECTED]           which may have no basis whatsoever in fact."
>> > > 
>> > > -
>> > > [To unsubscribe, send mail to [EMAIL PROTECTED] with
>> > > "unsubscribe firewalls" in the body of the message.]
>> > > 
>> > 
>> 
>> - Kathy
>> 


