Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cuckoo's egg on the face
Recently, when I couldn't find anything decent to read in an airport bookstore awash with "get rich quick" and "management" books, I ended up buying a copy of Cliff Stoll's "The Cuckoo's Egg". Yes, I've read this before, like every infosec professional should, but it's been a while. The first time 'round, I had read it pretty much like an entertaining crime novel. Not this time, when I kept asking myself "could this still happen today", and usually ended up answering in the affirmative. Take the password issue. Most of the problems Cliff had to fight revolve around guessable or disclosed passwords. That was back in 1987. Now, twenty years later, a significant portion of the hostile traffic seen by DShield are password guessing attacks against VNC, SSH, SMB. Looks like feeling smug about our achievements as computer security specialists might be a bit premature.


385 Posts
ISC Handler
Jan 2nd 2007

Sign Up for Free or Log In to start participating in the conversation!