Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Full-disclosure] Not even the NSA can get it right

from [Lachniet, Mark] Network Security [Permanent Link]
Subject: RE: [Full-disclosure] Not even the NSA can get it right
Date: Wed, 25 May 2005 13:06:01 -0400 
Puhleeze, do you really think that tax funded organizations have nothing
better to do?  Government faces a continual battle for resources and
time.  Setting up a "honeypot" as putzy as this would take time and
effort that could be much better spent.  Are you sure it's the NSA that
is paranoid?

Mark Lachniet


-----Original Message-----

lol are you guys joking?  They wouldn't allow an xss bug on their 
website on purpose come on now.


You're not devious enough.  Remember that the *best* place to 
put a honeypot is right out there in plain sight where it's 
likely to attract
attention.   So now they've grepped their Apache logs, and they've
added several dozen people to their "suspected script kiddie" list.

(Remember - the NSA probably knows more about proper 
airgapping than anybody.
All *those* webservers have on them is non-sensitive content, 
so you can't actually *get* anything really interesting to 
happen - in the NSA view of the world, "public website gets 
defaced" isn't particularly interesting or noteworthy).



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Not even the NSA can get it right, Mister Coffee
Next by Date:  Re: [Full-disclosure] Not even the NSA can get it right, Dan Margolis
Previous by Thread:  Re: [Full-disclosure] Not even the NSA can get it right, imipak
Next by Thread:  RE: [Full-disclosure] Not even the NSA can get it right, Castigliola, Angelo
Indexes:  [Date] [Thread] [Top] [All Lists]