http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/ The Future of the Military, Law Enforcement and National Security Fri, 10 Feb 2012 10:25:29 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179088 Kevin Wed, 30 Apr 2008 01:34:16 +0000 http://deftech.usmilblog.com/?p=2808#comment-179088 Arthur I am affraid there is so much Microsoft out there it is too late to ban it. But being from Netscape, I do like the way you think! Arthur I am affraid there is so much Microsoft out there it is too late to ban it.
But being from Netscape, I do like the way you think!

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179087 Arthur Tue, 29 Apr 2008 02:49:31 +0000 http://deftech.usmilblog.com/?p=2808#comment-179087 Don't you see the trend? Half a million _ISS_ servers attacked, a new virus every 45 seconds (for _Windows_), etc, etc. The easiest solution would be to ban all Microsoft products. Better yet, have some regulation in place to insure that system admins have _some_ brains. The truth is, most of these problems are caused by people going into a field which they have no interest in. Subsequently, they do a poor job at securing their employer and things like this happen. The other problem is of course Microsoft Windows. It's really sad that this poorly put together Operating System has created an entire world of criminal activity that relies on botnets made available by your friendly neighbourhood Windows computers. A repository system for software installation (similar to what Linux has used for years) is one great way to avoid social engineering attacks. However, the real problem is that you have one giant, poorly coded OS for a target and a company that doesn't push out patches very quickly. This leaves huge, gaping security holes that hackers continually exploit. Don’t you see the trend? Half a million _ISS_ servers attacked, a new virus every 45 seconds (for _Windows_), etc, etc. The easiest solution would be to ban all Microsoft products. Better yet, have some regulation in place to insure that system admins have _some_ brains. The truth is, most of these problems are caused by people going into a field which they have no interest in. Subsequently, they do a poor job at securing their employer and things like this happen.
The other problem is of course Microsoft Windows. It’s really sad that this poorly put together Operating System has created an entire world of criminal activity that relies on botnets made available by your friendly neighbourhood Windows computers. A repository system for software installation (similar to what Linux has used for years) is one great way to avoid social engineering attacks. However, the real problem is that you have one giant, poorly coded OS for a target and a company that doesn’t push out patches very quickly. This leaves huge, gaping security holes that hackers continually exploit.

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179086 Uncercover Sun, 27 Apr 2008 22:21:55 +0000 http://deftech.usmilblog.com/?p=2808#comment-179086 RIGHT AGAIN! For all your critics of Mr. Coleman's blogging on here, you should be eating your words AGAIN! 500,000 IIS machines got attacked based on a vulnerability that was acknowledged by Microsoft on April 15th. This is the type of attack the Kevin spoke of in his April 21st Cyber Holes in your Software posting. The attack began just three days after his post. Kevin Coleman has proven himself as on of the worlds top Cyber Warfare Strategist. I am so glad he is on our side. Read http://www.internetnews.com/security/article.php/3742926/HalfMillion+IIS+Servers+Hit+in+Cyber+Attack.htm RIGHT AGAIN!
For all your critics of Mr. Coleman’s blogging on here, you should be eating your words AGAIN! 500,000 IIS machines got attacked based on a vulnerability that was acknowledged by Microsoft on April 15th. This is the type of attack the Kevin spoke of in his April 21st Cyber Holes in your Software posting. The attack began just three days after his post. Kevin Coleman has proven himself as on of the worlds top Cyber Warfare Strategist. I am so glad he is on our side.
Read http://www.internetnews.com/security/article.php/3742926/HalfMillion+IIS+Servers+Hit+in+Cyber+Attack.htm

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179085 Brad Sun, 27 Apr 2008 17:41:48 +0000 http://deftech.usmilblog.com/?p=2808#comment-179085 I just found the DHS listed the "hardware sabatoge" as a threat and initiative the have for this year! How right you were. Working towards a stronger supply chain defense to reduce the potential for adversaries to manipulate IT and communications products before they are imported into the U.S. To address this challenge, the Federal Government is exploring protections into our federal acquisition process and developing a multi-faceted strategy to reduce risk at the most appropriate stage of the IT and communications product lifecycle. I just found the DHS listed the “hardware sabatoge” as a threat and initiative the have for this year! How right you were.
Working towards a stronger supply chain defense to reduce the potential for adversaries to manipulate IT and communications products before they are imported into the U.S. To address this challenge, the Federal Government is exploring protections into our federal acquisition process and developing a multi-faceted strategy to reduce risk at the most appropriate stage of the IT and communications product lifecycle.

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-38686 Kevin Fri, 25 Apr 2008 23:48:18 +0000 http://deftech.usmilblog.com/?p=2808#comment-38686 Well I found an article about the German law. I found allot in German but this one is in english. http://blogs.techrepublic.com.com/networking/?p=263 Thanks to the poster who talked about this. Well I found an article about the German law. I found allot in German but this one is in english.
http://blogs.techrepublic.com.com/networking/?p=263
Thanks to the poster who talked about this.

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179084 Spyguy Fri, 25 Apr 2008 23:05:15 +0000 http://deftech.usmilblog.com/?p=2808#comment-179084 A good Hacker Tool List http://www.jnetworld.com/tools.htm Also you need to realize most hacking is to establish a source of information, not to harm the system! A good Hacker Tool List
http://www.jnetworld.com/tools.htm
Also you need to realize most hacking is to establish a source of information, not to harm the system!

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-38684 Terry Fri, 25 Apr 2008 22:56:41 +0000 http://deftech.usmilblog.com/?p=2808#comment-38684 Kevin and Spy Guy are right! One man's tool is easily another man's weapon. Anyhow the best hacking tools I don't think Kevin would ever list or provide info on how to get them. Kevin and Spy Guy are right! One man’s tool is easily another man’s weapon.
Anyhow the best hacking tools I don’t think Kevin would ever list or provide info on how to get them.

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179082 Kevin Fri, 25 Apr 2008 22:17:50 +0000 http://deftech.usmilblog.com/?p=2808#comment-179082 Since the list seems to be distracting form the point of the matteer, let me try to shed some light on how it came about. Think DUAL PURPOSE 1. Fist of all sys admin tools are being dual purposed. 2. The list was compiled based on actual attacks we have been involved with, experienced or seen over the last three years. If the tool does not appear on the web, I am not overly concerned because that was the tool/attack code we discovered. The point is that organizations are and have turned common admin tools into attack tools. Since the list seems to be distracting form the point of the matteer, let me try to shed some light on how it came about.
Think DUAL PURPOSE
1. Fist of all sys admin tools are being dual purposed.
2. The list was compiled based on actual attacks we have been involved with, experienced or seen over the last three years. If the tool does not appear on the web, I am not overly concerned because that was the tool/attack code we discovered.
The point is that organizations are and have turned common admin tools into attack tools.

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179081 Maurs Fri, 25 Apr 2008 17:36:17 +0000 http://deftech.usmilblog.com/?p=2808#comment-179081 Yeah, some of these "Cyber Weapons and Attack Tools" come with common Linux distributions because they have valid uses. No one is going to be trying to compromise a DoD mainframe with Wireshark. Yeah, some of these “Cyber Weapons and Attack Tools” come with common Linux distributions because they have valid uses. No one is going to be trying to compromise a DoD mainframe with Wireshark.

]]> http://defensetech.org/2008/04/24/professional-cyber-arms-dealers/#comment-179080 Christian Fri, 25 Apr 2008 16:36:59 +0000 http://deftech.usmilblog.com/?p=2808#comment-179080 Fixed, Chris...thanks. Fixed, Chris…thanks.

]]>