I'm sorry you were wrongfully accused.
That being said, I work for a .gov site. In the past 48 hours we've been scanned 30+ times by NMAP in stealth mode, plus probes for SunRPC vulnerabilities and Back Orifice installations. Over the holiday break we had at least two machines compromised and used as scanners and denial-of-service generators. Indications are that this originated at a .edu site.
Based on the amount of time and frustration that this has caused me and my colleagues, I would definitely like to see some strong words told to the owner of the IP that scanned, and then exchanged (not just sent) traffic with these hosts.
So you say my hosts should have been protected against intrusion? Well, sure. Have you ever tried to get researchers on a tight budget and absolutely hard deadlines to do anything? And to keep doing it--like keeping up with the security patch of the week? What about if the security patch requires a reboot, but this researcher is running a task that requires weeks of continuous operation?
Like I said, I'm sorry you, personally, were wrongfully accused. But I think it's reasonable for a representative of the government to sternly warn people to stop doing such things. At the very least.
Simple. You use SSH, which tunnels your X protocol back. No sweat, and it Just Works. If you're running on a Wintel machine, the clients out there (I use SecureCRT) work just fine too.