[CLUE-Talk] Windows virus affect nuclear plants!!

Dave Hahn dhahn at dhahn.com
Fri Aug 29 18:23:07 MDT 2003 

Was I the only one yelling "Galaxy!! Hitchhiker's Guide to the Galaxy!"
?  Please, I don't want to be alone on this one...

"What do you get when you multiply six by nine?"

-d

-----Original Message-----
From: clue-talk-admin at clue.denver.co.us
[mailto:clue-talk-admin at clue.denver.co.us] On Behalf Of
black at galaxy.silvren.com
Sent: Thursday, August 28, 2003 9:38 AM
To: CLUE Talk
Subject: Re: [CLUE-Talk] Windows virus affect nuclear plants!!

Yeah, the "but we have a firewall" response was echoed by a lot of
companies. Then someone took their laptop home, dialed in for some pr0n
and weather channel surfing, got infected, and... took their laptops to
work to promptly plug them into the network at 8am.

Happened here, and the next thing you know it's an infection bonanza on
5000 PC's.

So then the LAN techs decide to roll out a patch to the PC's 2 weeks
after
the patch is announced and the worms are already rampant. Meanwhile, the
core routers puke and die under the 50,000 packet per second load all
the
worm traffic is generating.

Then 3 days later it's discovered that the patch they've been rolling
out
at login to clean the worm and patch the PC isn't taking on any of the
PC's because the patch requires at least service pack 2, and the PC's
are
all stuck at an ancient service pack 1.

Now, everyone stand up and raise your hand if you are shocked to hear
once
again that nobody bothers patching until a crisis is at hand. :)

And just to splash it all with a dose of humility, patch procrastination
is not just a Windows User Phenomenon. Linux/UNIX folks are just as lax.

Anyone read HitchHiker's Guide to the Universe? Seems like the LAN guys
rely on the firewall guys to keep everything harmonius, while the
firewall
guys rely on the LAN guys to keep the PC's clean, and suddenly
everything
is surrounded by a "Somebody Elses Problem" (SEP) field and nobody sees
what's actually there.

Pretty scary stuff. Dollars to donuts that the private network got
penetrated by someone plugging in a laptop.

On Thu, 28 Aug 2003, Kevin Cullis wrote:

> This is disturbing:
>
> The Slammer worm penetrated a private computer network at Ohio's
> Davis-Besse nuclear power plant in January and disabled a safety
> monitoring system for nearly five hours, despite a belief by plant
> personnel that the network was protected by a firewall, SecurityFocus
> has learned.
>
> http://www.securityfocus.com/news/6767
>
> Not that I'm against nuclear power, but using Windows in a nuclear
power
> plant.
>
> Kevin
>
> _______________________________________________
> CLUE-Talk mailing list
> Post messages to: CLUE-Talk at clue.denver.co.us
> Unsubscribe or manage your options:
http://clue.denver.co.us/mailman/listinfo/clue-talk
>
_______________________________________________
CLUE-Talk mailing list
Post messages to: CLUE-Talk at clue.denver.co.us
Unsubscribe or manage your options:
http://clue.denver.co.us/mailman/listinfo/clue-talk

More information about the clue-talk mailing list