__/ [Erik Funkenbusch] on Monday 17 October 2005 02:10 \__
> On Mon, 17 Oct 2005 02:18:08 +0200, Roy Culley wrote:
>
>> http://slashdot.org/articles/05/10/16/2040216.shtml?tid=95&tid=99
>>
>> What's this got to do with Linux I hear you say. Well, according
>> to netcraft they are running Apache on Linux:
>>
>> http://uptime.netcraft.com/up/graph?site=www.mi6.gov.uk
>>
>> http://www.mi6.gov.uk was running Apache-AdvancedExtranetServer on
>> Linux when last queried at 13-Oct-2005 01:40:28 GMT
>>
>> Now we know just how much HMG sucks up to Dubya and MS but when
>> security really matters OSS and Linux win the day.
>
> I think it's pretty damned unlikely that the site is anything more than a
> "brochure" site. In other words, only containing public relations
> information, nothing critical or sensitive.
>
> As such, the choice of Linux (or Windows for that matter) has nothing to
> do with when "security really matters".

Read my post which is bound to the parent, then go to:

http://www.fbi.gov/congress/congress05/bald092105.htm

Down the page under the heading "Dissemination":

<snip>
Products up to and including the Secret level are disseminated throughout
the FBI via the FBI Intranet.

Information sharing with other government agencies at the SECRET level
requires access to the DOD Secret Internet Protocol Router Network
(SIPRNET). SIPRNET provides the communications backbone for INTELINK-S, the
Secret intelligence Intranet. INTELINK-S contains classified information
from more than 200 Web servers supporting the intelligence, homeland
security, military, counterintelligence, and law enforcement communities.
</snip>

Now, I admit it took me a while to chase this reference... I had
the British hacker in mind all along...

<snips>
All essential, sensitive, and mission critical information is
handled via SIPRNET

For starters, how are we calculating damages, and how confident
should the American public feel if one guy in his late thirties
can break into the "most secure computers at the Pentagon and
NASA" by scanning "tens of thousands of computers on US military
networks from his home PC, looking for machines that might be
exposed due to flaws in the Windows operating system". (emphasis
mine) Later in the article, "Many of the computers he broke into
were protected by easy-to-guess passwords, investigators said."
</snips>

I once read somewhere else (nearer the time of the trial) that Gary McKinnon
simply exploited user stupidity in a *NIX environment. The admins did not
bother to CHANGE THE DEFAULT ROOT PASSWORD.

Now, put two and two together.

Roy

--
Roy S. Schestowitz | make install -not war
http://Schestowitz.com | SuSE Linux | PGP-Key: 74572E8E
2:25am up 52 days 14:39, 5 users, load average: 0.43, 0.47, 0.57
http://iuron.com - next generation of search paradigms