Slashdot Mirror

← Back to Stories (view on slashdot.org)

DHS Injects Itself With DDoS

Posted by CowboyNeal on from the shooting-their-own-feet dept.

An anonymous reader writes "Here's a story about what can happen to any enterprise IT department that overestimates the intelligence of its users. Only in this case, the enterprise in question is the U.S. Department of Homeland Security. The spokesman says there's no Jack Bauer mentality. No kidding!"

6 of 136 comments (clear)

  1. Listserv Idiocy by astrotek · · Score: 5, Informative

    lol, happened at college all the time

    you get 5-6 idiots that reply to all
    then you get 50-60 idiots telling them not to reply to all
    and 50-60 more idiots trying to have a conversation to the first 5-6 idiots

    1. Re:Listserv Idiocy by Beryllium+Sphere(tm) · · Score: 3, Informative

      Try thousands.

      Microsoft had an email storm that took down companywide email

  2. Re:DDoS? by omeomi · · Score: 4, Informative

    Yeah, a mailing list with a lot of people hitting "reply all" really isn't the same as a DDoS attack...it's just a mailing list with a lot of people hitting "reply all"

    --
    ZuluPad, the wiki notepad on crack
  3. I'm on that ListServe... by StickyWidget · · Score: 2, Informative
    The issue wasn't with a DDoS, the issue was that when you sent an email to the listserve, it was sent with your email in the "To:" header. Which means that all the out of office messages came back directly to the sender. I saw several SIPRNET and NIPRNET addresses in the contact information for these people. Even better were the "I'm out of the office until November 15th, please forward all billing questions to So and So".

    Several were group email accounts at Security Operations Centers, NOCs, and I think I saw a few power plants as well(one woman said that is was the "Command Center", speaking about the operations center at a major insurance company. Not to mention I'm still getting unanswerable emails back from email servers giving me the exact email address. I'd estimate I have around 1000 sets of contact information for people in the security industry, how many of those are actual LOGINS as well?

    I'll put up a page with a breakdown of the information in the next week, then maybe Slashdot will put up my submission "DHS Email List Exposes Private User Data".

    ~Sticky
    /Grousing about rejected submissions is typically offtopic.
    //Which is why I said some other stuff first.

  4. Re:DDoS? by Anonymous Coward · · Score: 1, Informative

    Yeah, a mailing list with a lot of people hitting "reply all" really isn't the same as a DDoS attack...it's just a mailing list with a lot of people hitting "reply all"

    Not on Microsoft infrastructure. It's called a cascade failure and if it happens to you all of your Exchange servers will go down. All of them.

    1. All Exchange Servers fail --> All Outlook instances lock up, Word freezes, and desktops generally become unstable.
    2. Panic ensues.
    3. Someone calls a consultant
    4. Profit! :D


    If everything is set up correctly it shouldn't happen. But I hardly ever find that everything is setup correctly.

  5. Re:Feel Safer? by phantomlord · · Score: 2, Informative

    I recently pointed this out to a friend of mine... here's the full list:

    President       Highest office served, executive preferred
    GWB             Governor
    Clinton         Governor
    GHWB            Vice President
    Reagan          Governor
    Carter          Governor
    Ford            Vice President
    Nixon           Vice President
    LB Johnson      Vice President
    Kennedy         Senator
    Eisenhower      General (Supreme Commander of Allied Forces)
    Truman          Vice President
    FDR             Governor
    Hoover          Secretary of Commerce
    Coolidge        Vice President/Governor
    Harding         Lt. Governor
    Wilson          Governor
    Taft            Governor, Chief Justice
    TR              Vice President, Governor
    McKinley        Governor
    Cleveland       President
    Harrison        Senator
    Cleveland       Governor
    McArthur        Vice President
    Garfield        General, US Representative
    Hayes           Governor
    Grant           General
    A Johnson       Vice President
    Lincoln         US Represenative
    Buchanan        Secretary of State, Senator
    Pierce          General, Senator
    Fillmore        Vice President
    Taylor          General
    Polk            Governor
    Tyler           Vice President, Governor
    Harrison        General, military Governor
    Van Buren       Vice President, Governor
    Jackson         General, military Govneror
    JQ Adams        Secretary of State, Senator
    Monroe          Governor
    Madison         Secretary of State, numerous founding documents
    Jefferson       Vice President, Governor, that whole Declaration thing
    John Adams      Vice President, lots of pre-Revolution stuff
    Washington      Uh, General who won our independence

    Vice President or Governor: 29 (including the last 8 Presidents)
    General: 6
    Non-VP cabinet member: 4
    Congressman with no executive experience: 3

    That's a 3/42 (7.14%) historical chance of a Senator being elected
    President with no executive experience.

    Yeah, side note before I get called out on it... there have been 43 presidents, but Cleveland served as two different numbers (22 and 24) so his previous experience only counts once.

    --
    Don't leave your mind so open that your brain falls out. Don't close it so much that you cut off the blood.