[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] Not even the NSA can get it right

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE: [Full-disclosure] Not even the NSA can get it right
From: "Lachniet, Mark" <mlachniet@xxxxxxxxxxxxxx>
Date: Wed, 25 May 2005 13:06:01 -0400

Puhleeze, do you really think that tax funded organizations have nothing
better to do?  Government faces a continual battle for resources and
time.  Setting up a "honeypot" as putzy as this would take time and
effort that could be much better spent.  Are you sure it's the NSA that
is paranoid?

Mark Lachniet

> -----Original Message-----
> > lol are you guys joking?  They wouldn't allow an xss bug on their 
> > website on purpose come on now.
> 
> You're not devious enough.  Remember that the *best* place to 
> put a honeypot is right out there in plain sight where it's 
> likely to attract
> attention.   So now they've grepped their Apache logs, and they've
> added several dozen people to their "suspected script kiddie" list.
> 
> (Remember - the NSA probably knows more about proper 
> airgapping than anybody.
> All *those* webservers have on them is non-sensitive content, 
> so you can't actually *get* anything really interesting to 
> happen - in the NSA view of the world, "public website gets 
> defaced" isn't particularly interesting or noteworthy).
> 
> 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Not even the NSA can get it right
Next by Date: Re: [Full-disclosure] Not even the NSA can get it right
Previous by thread: Re: [Full-disclosure] Not even the NSA can get it right
Next by thread: RE: [Full-disclosure] Not even the NSA can get it right
Index(es):
- Date
- Thread