Re: IP spoofing -- assessment

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: anthony baxter: "Re: IP spoofing -- assessment"
• Previous message: Paul Ferguson: "IP spoofing -- assessment"
• Maybe in reply to: Paul Ferguson: "IP spoofing -- assessment"
• Next in thread: anthony baxter: "Re: IP spoofing -- assessment"

At 19:45 1/24/95, Paul Ferguson wrote:
>I would very much like to hear opinions on this list, in particular,
>on the intrusion detection analysis track with regards to most
>recent 'IP Spoofing' and 'Hijacked' tcp connection thread.
[...]
>I would like to enlist the opinions, tacts and input from the list
>members; up until now, this list has been _very_ quiet.

I agree..it sure has been quiet out here.

More important, and what got my attention was an article in today's (1/24)
SF chron which stated:
"The most recent breach was detected on Christmas Day when a computer
security expert at the San Diego Supercomputer Center was robbed of
security software by an unknown individual or group that took over his
computer for the day."
Of interest also was that the tools were subsequently posted at an .edu
site and then taken off the net by their administrators.

This incident is just the tip of the iceberg.  I'm fear that we all may get
spooled off in a router discussion eddy and miss the importance of what the
other tools were and what they do.

How's that for another catalyst?
frank

Frank Swift L-321 (Sent from Home)
Unclassified Computer Security Coordinator
Lawrence Livermore National Laboratory (LLNL)
7000 East Avenue L-321 Livermore CA 94550-9516
Voice:  (510) 422-1463  FAX:  (510) 423-0913

• Next message: anthony baxter: "Re: IP spoofing -- assessment"
• Previous message: Paul Ferguson: "IP spoofing -- assessment"
• Maybe in reply to: Paul Ferguson: "IP spoofing -- assessment"
• Next in thread: anthony baxter: "Re: IP spoofing -- assessment"