l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 5: Social gathering
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2003 Mar 18 22:26

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] what do they pay their staff for?!?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] what do they pay their staff for?!?



On Tue, Mar 18, 2003 at 12:26:41PM -0800, Peter Jay Salzman wrote:
> everyone probably read yesterday about the win2k IIS vulnerability
> in webdav yesterday.   heck, webdav *sounds* like a security hole
> waiting to happen.
> 
> and they made no bones about it:  the news said, in black and white,
> there was a tool readily available for download that exploits the
> vulnerability.   the news also said a patch was available from MS.
> 
> 
> today i read the news.  the US army's webserver was hacked.  the webdav
> hole is to blame.
> 
> 
> ok, let's forget the issue of why the army is using IIS to begin with.
> that's a whole different issue.  i'm wondering who gets paid to sit
> around and administrate army webservers, and why it didn't occur to them
> 
>    "hey, wait a minute.  WE'RE running IIS on win2k servers!"

Actually I originally read that story yesterday on msnbc.com just a few
hours after the CERT announcement, and it was attacked before the world
knew about the hole. 

"But the exploit was sophisticated and well designed, and it was
alarmingly successful, said Russ Cooper, security researcher for
TruSecure Corp. The company learned of the attack through sources in the
U.S. military last Tuesday, Cooper said."

So the army computer was attacked at least 6 days before the exploit and
fix were announced publicly.

Remember, this was a 0-day exploit, meaning it was "in the wild" of the
hacker community _before_ it was a known vulnerability by security 
experts. Microsoft got reports last week from customers who were 
attacked, created a patch, and then announced it yesterday morning.
(not the quickest response, but somewhat impressive coming from 
Microsoft)

Rob Rogers
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.