[linux-elitists] yup

Rick Moen rick@linuxmafia.com
Fri Feb 11 17:41:46 PST 2000

Quoting Derek Vadala (derek@usfca.edu):

> http://www.currents.net/newstoday/00/02/11/news12.html	
> anyone? anyone?

What a week.

First, we have a stream of DoS attacks by hijacked hosts against famous
(but not very important) Web sites -- which the press proves completely
incapable of comprehending and reporting correctly.

Second, we have boneheads at the FBI's National Infrastructure
Protection Center trying to milk the incident for publicity, hawking a
third party's TRINOO/TFN scanner as a cure-all but incompetently omitting
his eminently available source code and documentation

Last, we have a self-serving press release by Zach Nelson, head of yet
another Network Associates, Inc. division aimed at nervous pointy-hairs, 
being quoted as a news "story" by a lazy NewsBytes reporter -- which is 
then hastily withdrawn.  (The original "story" is still mirrored at

What does it mean?

1.  NAI has a sordid history of inventing "facts" to promote its business
-- predictably, given how much of its business is founded on bypassing 
executives' underdeveloped cerebral cortexes and appealing directly to 
the flight reflex in their reptilian brainstems.  See:  
http://www.zdnet.co.uk/news/news1/ns-1249.html .  

2.  Genuine facts about the hijacked hosts used for the recent attacks 
are difficult to come by, but the attack mode used is obviously usable 
on any hijacked system possessing a TCP/IP stack.

3.  It's _possible_ that the only hijacked hosts recently used run 
Solaris and Linux -- but, if so, it's coincidental.  (See point #2.)

4.  The Slashdot community's reaction was thus somewhat overblown --
but the underlying so-called "story" from Newsbytes was more so.

5.  NAI's nostrum at http://www.mycio.com/ -- a magic Web-based cure-all 
-- reflects the larger global problem of people running Internet hosts
and not only not knowing what they're doing, but also not _wanting_ to 
learn.  The only long-term remedy to the recent sorts of DDoS attacks is
general cluefulness and caution by sysadmins and backbone providers.  
NAI (characteristically) is peddling fake cures for those unwilling to 
grapple with reality.

6.  The Newsbytes editors' corrective action was commendable, even if
their explanation was slightly inaccurate:  They cited "gross
inaccuracies", but it's more to the point that the article was a sleazy 
commercial advertisement _posing_ as a news story.

And so on.

Cheers,                Linux:  It is now safe to turn on your computer.
Rick Moen
rick (at) linuxmafia.com

