As you are hopefully aware, October is Cyber Security Awareness Month. We will focus on one security awareness subject per day. Marc published the agenda at http://isc.sans.org/diary.html?storyid=3429, so let's start with the first tip.
What are your tips for system administrators and others trying to get the word out to users? How did you get past the "This Does Not Apply To Me" attitude? Submit your ideas and stories here.
You might have heard multiple times from your managers and CEOs that they are not the target and that certain vulnerabilities don't apply to them. An example of security not being taken personally hit the news a couple of days ago when Francis Ford Coppola's laptop was stolen (http://www.nydailynews.com/gossip/20...op_stolen.html). The laptop's value in the whole story is negligible; the main issue here is that it contained the script for his upcoming movie and that there was no backup (at least it appears so, since Coppola pleaded for the return of the laptop).
Alan M. sent us another real story:
I was called to help remove a phishing site from an ISP's Apache server. It was not an easy offsite fix as the hacker was no script-kiddie and very actively fought from many countries' IPs to retain his server.
One digi-macho guy let the hacker have a major advantage over me...
I set up a new Linux machine offline to replace the bad server, then put it online on an unused address of the ISP. I ssh'ed into it. While I was working, I noticed something odd in an lsattr directory listing. I ran who and found another me on the machine as root. Time from my login until hacked: 10 minutes. The hacker was playing man in the middle.
I fired up Nessus and ran a scan on the ISP staff machines and found one was infected. I went to that computer and its user and found the antivirus program removed from the machine. I asked why. The reply: "I don't keep anything important on this machine. It doesn't need to be Fort Knox. I can reformat it if it gets infected."
I had to explain to him that his machine wasn't Fort Knox but the hacker had stolen his machine and used it as a bulldozer to break into the ISP.
"Well, I didn't know that could happen. I thought the viruses just sent spam."