DaemonForums  

Go Back   DaemonForums > Miscellaneous > Off-Topic

Off-Topic Everything else.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 30th January 2009
running_fist running_fist is offline
Port Guard
 
Join Date: May 2008
Location: NEPennsylvania
Posts: 12
Thanked 1 Time in 1 Post
Default Insider plot to take down Fannie Mae's servers thwarted

http://www.tgdaily.com/html_tmp/cont...41262-118.html

Washington (DC) - On October 29, 2008, a vigilant senior Unix engineer happened across a "logic bomb" that was allegedly planted by a contractor, Rajendrasinh Babubhai Makwana, who had worked in their Urbana, MD facility until October 24, 2008 when his contract was terminated. The script was set to activate on January 31, 2009 and would completely wipe all of Fannie Mae's 4,000 servers.
Reply With Quote
  #2   (View Single Post)  
Old 1st February 2009
Broodjegehaktmetmayo Broodjegehaktmetmayo is offline
Shell Scout
 
Join Date: Sep 2008
Posts: 92
Thanked 0 Times in 0 Posts
Default

Ouch

Of course, the question then pops up: how can a contractor get these kinds of access rights? (I know, it happens every day, but it shouldn't happen).
Reply With Quote
  #3   (View Single Post)  
Old 1st February 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

Quote:
Originally Posted by Broodjegehaktmetmayo View Post
Ouch

Of course, the question then pops up: how can a contractor get these kinds of access rights? (I know, it happens every day, but it shouldn't happen).
A common occurrence in the industry is the use of outdated software, (right ai-danno).. it's very possible this contractor was able to use a local root exploit.
Reply With Quote
  #4   (View Single Post)  
Old 1st February 2009
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 577
Thanked 14 Times in 13 Posts
Smile

Or maybe it was Hank Paulson's last-ditch plot to get a lot of toxic mortgages off the books ... ?
Reply With Quote
  #5   (View Single Post)  
Old 5th March 2009
ai-danno's Avatar
ai-danno ai-danno is offline
Spam Deminer
 
Join Date: May 2008
Location: Boca Raton, Florida
Posts: 284
Thanked 35 Times in 31 Posts
Default

Quote:
Originally Posted by BSDfan666 View Post
A common occurrence in the industry is the use of outdated software, (right ai-danno).. it's very possible this contractor was able to use a local root exploit.
Wow, where do I begin? It's like this gift was tossed down from heaven and landed in my lap- I promise after my digression I will comment on the subject at hand...

A) I've always made the point that in the networking industry it's been my experience that the most up-to-date router code is the most troublesome. It's about manufacturers trying to get the latest feature sets above their competitors, and in the process, not taking care of older code that needed to be improved, or just introducing new shoddy code. So 'new' = 'insecure and untested' more often than not. Some non-networking-examples:

- How long did it take for the Iphone to get hacked once it was introduced?
- How long did it take for Windows Vista to get compromised once it was released?
- How long did it take for my IPS's new code to be seen as more detrimental than useful after being installed this weekend? (the answer to that last one- about 10 minutes.)

B) And what is 'outdated software' anyway? If an application or Operating System (on any device, not merely networking devices) is patched for security issues, but no new features are added, is it considered outdated? Perhaps by some... not necessarily by me.

C) Perhaps some like to ride their networks by the seat of their pants. Maybe they've got the coolest features they may never even explore and the latest support for cards they will never personally own or use. But at least they can cling to the fact that they have "the latest", kinda like that person who feels the need to always be a 'first poster' on slashdot. It doesn't necessarily serve much purpose, but the person involved certainly feels cooler.

Personally, with regards to anything I even consider upgrading, I think, "What's in it for me?"
- Are there improvements for security that would actually benefit my situation?
- Are the features being introduced more glitzy and experimental than well-vetted and tested?
- Are the new features something I even need?
- Have those silly enough to use this before everyone else now running into issues (and if so, what are they so I can avoid them if I use the same software)?

When it comes to this situation, it probably had nothing to do with the version of code being run- it was probably more about the access level the person was given outright by the orgranization. Either the fault lies with insufficient policies or procedures to limit access by any employees (not just contract employees), or it lies with the people that failed to follow the policies and procedures in place.
__________________
Network Firefighter
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mirrored file servers stukov FreeBSD General 2 21st May 2009 01:22 PM
See processes on other servers? biscuits FreeBSD General 2 20th January 2009 04:15 AM
About Dedicated Servers qmemo Off-Topic 7 4th September 2008 02:15 PM
Red Hat servers compromised tanked Other BSD and UNIX/UNIX-like 10 25th August 2008 04:41 PM
Apache on two servers but one public IP marco64 General software and network 2 4th June 2008 07:29 PM


All times are GMT. The time now is 01:28 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick