HB1197 Status
Neil Schelly
neil at jenandneil.com
Thu Feb 16 14:34:00 EST 2006
On Thursday 16 February 2006 02:14 pm, Ed Lawson wrote:
> Well, this is a password sniffer that has been around for five
> years and no doubt has been in anti-virus software for nearly as
> long yet they were running a windows box without running
> anti-virus software and it was a server containing critical info.
> What are the odds it is the tip of the old iceberg?
>
> Sounds like a sys admin issue to me.
It definitely is. The article mentioned that this machine was in a DMZ and
that's why the attack didn't go very far. That said, if all this other
information was on a machine in the DMZ, then it leads you to wonder why
there's a DMZ at all. Theoretically, you should be able to break into the
DMZ and still be relatively restricted from accessing anything sensitive.
-Neil
More information about the gnhlug-discuss
mailing list