Slashdot Mirror
DoD and Net Attacks
Chernyakov writes "The Washington Post has an article about attacks on DoD systems. According to the article, the Pentagon's chief information officer said 'The Defense Department suffered more than 22,000 electronic attacks on its computer systems in 1999 and about 14,000 in the first seven months of this year.' " Those numbers apparently count port scans too, but the article is interest, talking about many things, including the fact that they don't run any commercial software on their most classified systems for fear of backdoors. I imagine the DoD's sysadmins are a scary bunch.
Another poster comments "how much of an "attack" is it to scan to see if FTP is open?" What kind of "scan" would anyone do to see if FTP is open? The user check to see if port 21 is open, and thats it.
I remember reading once on slashdot how an @Home nameserver was "port scanning" some guys machine, because it responded to his machine's DNS requests. Come on -- that's not a scan.
If checking one port is a "scan", then I'm afraid I probably scan hundreds, or even thousands, of machines a day. I'm such a 'leet hacker. Most of our webservers get tens of thousands of "scans" a day (generally, by people "scanning" port 80), from people all over the world. The mail servers get thousands of scans, too. What are you guys talking about?
Slashdot is jumping the shark. I'm just driving the boat.
Is it really fair to count port scans as an attack? I can see classing it if it comes from a 192/10/172/169 address but normal scans are part of life, or they are at least for my boxes and me. With portsentry on them I usually get 5 a week from sources all around the world, usually they just check for mail relay and script kiddy tools but sometimes I'll catch the same IP scanning many machines, then they get monitored.
Are you kidding? Real defense weenies don't play solitaire, they play minesweeper.
Working for a DoD contractor who supplies software to the DoD, I can attest to the general lack of quality among their sysadmins. There are some amazingly good admins out there, but they are few and far between.
The DoD has tens of thousands of computers at thousands of locations. They have over 10,000 different software applications that they have had written for them. I'm not exaggerating. Organizations as large as the DoD need a lot of admins. But, the admins are, for the most part, civil servants. They fit into the standard scale of civil servants jobs and wages. In other words, they don't get paid very well.
Let's say your a good admin. Would you work for $70K at a computer company or for $40K for the DoD and have a BGen. screaming at you for not allowing him to receive his granddaughter's cute annimation in the mail even though you've explained that the latest DoD mandate forbade ActiveX in emails? Simple choice. Industry pays better and has a better working environment.
So, what are you left with? One of the admins we deal with (let's call her Betty) was a typist in the secretarial pool (yes, the DoD still has those). She was promoted to an admin. Why? Because of her vast knowledge of networking? Because of her ability to troubleshoot hardware? No. Because she could type fast. This is a real story. Only the name has been changed.
There are good DoD admins out there. They do it not for the environment or the money, but for the sense of pride out of helping the country. On average, the quality of the DoD admins is very low.
Dave.
P.S., this post does not reflect the opinions of my employeer.