Comments on: Unmasking ‘GhostNet’

By: Telcosteve

Telcosteve — Thu, 09 Apr 2009 22:41:34 +0000

This is a fairly long and detailed report but regarding the issue that all of the attacked PCs were running Microsoft OS was incorrect as thoroughly explained towards the last 3 minutes of the Interview. I suggest all of you “Mac-o-nites” and Unix based open systems gurus revisit the warm cozy feeling of being protected by paying more for an Apple Product. We all are at risk and we need solutions not finger pointing.

By: Hill Associates - Living in a connected world : tHAWT Episode #148: Conficker quiet, but so was GhostNet for a long time

Mon, 06 Apr 2009 14:38:06 +0000

[...] action on April 1 from Conficker despite the hype from the pressMaps of Conficker infected clientsUnmasking the GhostNet on NPR not too far away from Eagle EyeBill floated to allow president to shut down networks in cyber [...]

By: Wilson Samuel

Wilson Samuel — Mon, 06 Apr 2009 00:29:25 +0000

Dear OnPoint Radio WebAdmin:
—————————-

I have noticed which I would like to point your attention, and I really wish I’m wrong BUT let me point anyways.

I have noticed that the time stamp should be the EDT (i.e. -4.00 hrs GMT/UTC) but it actually posts EST (i.e. -5.00 hrs GMT/UTC).

Once again, I’m just pointing out what I have seen and would be glad to be proven wrong, but in case I’m not wrong may I request you to correct the timestamp on the WebServer please.

Regards

By: Wilson Samuel

Wilson Samuel — Mon, 06 Apr 2009 00:22:21 +0000

Microsoft or No Microsoft, if the System Admin/Network Admin is not determined to play the game safely, he/she will bite the dust, period.

Vendors across the spectrum offer Solutions to protect and guard systems against Day Zero Attacks, and not only the installation BUT also the configuration, management and monitoring is VERY IMP. to safeguard against any attacks from Day Zero.

One such good Solution is Cisco Systems MARS (Monitoring Analysis and Response System and NAC (Network Admission Control) which are quite effective IF deployed correctly. I guess that the victims in this case were either didnt have these installations or were poorly configured and monitored.

Cisco NAC=

http://www.cisco.com/en/US/netsol/ns466/networking_solutions_package.html

Cisco MARS=

http://www.cisco.com/en/US/products/ps6241/index.html

By: Robert

Robert — Sun, 05 Apr 2009 22:36:05 +0000

Botnets like this are exclusively a problem on Windows.

Let me say that again, and if any Windows/Microsoft apologists have proof otherwise, please put it here: Botnets like this are exclusively a problem on Windows.

That’s why most of the internet runs on UNIX or UNIX-like platforms.

By: Hill Associates - Living in a connected world : tHAWT Episode #148: Conficker quiet but so was GhostNet for a long time

Sun, 05 Apr 2009 19:45:46 +0000

By: Ellen Lincourt

Ellen Lincourt — Fri, 03 Apr 2009 12:41:27 +0000

Reminds me of the “Cuckoo’s Egg” story. It was a story of a lone computer geek at Berkley who broke a KGB cyber spying network.

By: Dean

Dean — Fri, 03 Apr 2009 04:47:32 +0000

If you think that is bad..Listen to your new digital TV at night re-setting it’s self all the time…They whom-ever! can watch you and tape your every word..Unplugging won’t help either, because as soon as you plug in again it’s recharging it’s small battery.Nothing is secure or safe anymore..and just think (Re-mote viewing!) also..That is even more frightening! Do your home work read and do research and be aware of what is and is not going on!

By: Dean

Dean — Fri, 03 Apr 2009 04:29:00 +0000

Yep he is right!

By: Diane

Diane — Fri, 03 Apr 2009 04:19:08 +0000

Hello.
I listen to your show every night, If I was to tell you about stuff I know of ( Not my own doing though!) You would be shocked! I know because they can also watch you by Satelite…Anyone who could work for the Military …Goverment could break into the satellite system and watch you close up drive down a road…How do I know… Well, it happened to me!Yes I am still ,mad about that….but what can you do about it? Complain to the Space aliens? They would just laugh and say: Get with it man!..hehe!Not only that ..(THEY)and they know who they are! can break into a radio’s waves in your car and talk to you while interrupting the radio station your listening to. Yes, I am not joking!No one is safe anywhere, even in your home. A satellite can know just where you are and when also…Hiding in your Basement won’t even work,so don’t try hiding.It’s a freaky world out there and also you could be stalked by governmental or spy dudes also ..if they thought you where up to something. People..! Privacy is no more! Next time you go to the store and walk in front of a TV just pretend your in the movie (#1 Enemy) Jean Hackman and the one actor from Independence Day.Watch that movie… It will really tell you all you need to know!You can’t hide no where!Oh well..!Where all walking talking stars for the whole world or….. Them..Whom-ever!
Good luck and peace and God’s love too!

By: Frank

Frank — Fri, 03 Apr 2009 03:39:19 +0000

The problem is not just the malware inserted into our software, but also the hardware. The FBI’s own offices, as well as other government and industry organizations have bought counterfeit routers that can fail or leave back door open to exploitation. As long as the supply chain is not secure, state sponsored and independent actors can penetrate any IT systems.
At home, lax security opens vulnerabilities in the unexpected places. There is a trojan in the wild that targets the DNS routing of the cable modem/dsl routers. The days of ” I don’t have to worry about that” are over.

By: Nick

Nick — Fri, 03 Apr 2009 00:59:07 +0000

“I work in computer security …” “…Such as mac os software which is doesn’t require anti-virus or anti-malware software.”

This might be the problem.

By: Peter Pjecha Jr.

Peter Pjecha Jr. — Fri, 03 Apr 2009 00:50:01 +0000

“If you’re on the internet surfing, or doing the king’s bidding with the nefarious ‘GhostNet’ prowling about, your life is an open book … and so is mine—but not as open as it’ll be to the ghost (I’m unmasking) we outta really be concerning ourselves with … which is the Holy Ghost on the judgment day y’all …“Bu-yah!”

By: markbrown in NJ

markbrown in NJ — Fri, 03 Apr 2009 00:41:14 +0000

Posted by Andrew,:
Many security and operational issues break down to the IDW principle.

I D o n ‘ t W a n n a

I Don’t Wanna pay to audit my security
I Don’t Wanna remember a long complex password
I Don’t Wanna test my software
I Don’t Wanna update my software/firmware.
———————–

He’s right you know.

If (as a unix systems administrator for over 20 years)
a company/country wanted absolute security

they could:
1) Hire me (example) for $100,000 per year to administer ONE machine, and AUDIT that machine either in real time, or near real time.

that would cover
: security logs
: security updates
: recommended software updates
and of course PERSONALIZEd manual password and user identification (as well as what is RUNNING on the machine at all times, as well as monitoring the PORTS on the machine.

It’s NOT too expensive. It’s Extremely time consuming.
It;s too much for everyday stuff.

But do-able also!

By: Clint

Clint — Fri, 03 Apr 2009 00:00:01 +0000

More virii and malware target Windows because of market share, that’s certainly true. But it’s also true that Linux distros (Ubuntu, say) are more secure out of the box. Unix was designed for multiple users, with access controls built in at a very low level and refined over decades. In Windows, access controls were bolted on as an afterthought.

When I install Ubuntu, there are no open ports by default. The latest Firefox is quite secure. Put this setup behind a $50 Linksys NAT router, and you’re immune to 99.9% of threats with very minimal effort.

Finally, Open Source is inherently more secure due to peer review. Vulnerabilities get fixed because the source is out in the open.

By: Sandy

Sandy — Thu, 02 Apr 2009 21:38:32 +0000

nelly you are super-boring with this Mac stuff, are you paid for it? Not to mention it’s irrelevant here, and you are factually wrong. If you knew windows you wouldn’t have said such non-sense, you can set accounts up any which way you want to make it more secure.

By: J. Oquendo

J. Oquendo — Thu, 02 Apr 2009 20:54:13 +0000

Jim, I hear ya I use Solaris + Linux. Windows for Visio, haven’t had any issues whatsoever concerning viruses or malware. I shift the responsibility of security to the user, no one (repeat) no one, will take better care of your machine irrespective of the operating system better than you would. Regardless of the amounts of threats available. I haven’t had any viruses or malware on this machine since circa 2004 when I discovered typical malware (not a virus).

By: Jim

Jim — Thu, 02 Apr 2009 20:37:26 +0000

Jim, you seem to be unaware about real world security malware affecting Macs.

It seems like a very low risk compared to what windows users face. If it did happen, I think I can handle deleting a few files:

Despite the potential for mayhem, Mac users can simply kill the widgets by deleting them from their Library folder, and using Activity Monitor to kill any instance of the widget already running.

By: Lon C Ponschock

Lon C Ponschock — Thu, 02 Apr 2009 18:25:13 +0000

On the “don’t be fooled” caution I agree. Every time I see a new ‘threat to your security’ story or book (such as the one by Robert O. Harrow several years ago) I think of the oldest dodge in the world: the story of the pickpocket in the crowd.

As far back as ancient times, the traveling show would come through town and at the beginning of the performance announce that there was a pickpocket in the crowd. After everyone reflexively grabs for their purse, the _real_ pickpocket or “cut purse” knows who to target for the theft.

Privacy is an important matter. Identity theft can occur. But using any sort of online “check your security” service and the like should be avoided. Don’t be a “mark.”

By: Laughs Joe

Laughs Joe — Thu, 02 Apr 2009 16:03:54 +0000

An illuminating story for the novice FBI agents in National Treasure 2 (the Movie).

Agents Joe and Jane came into the office of snr Agent Zack (the old guy), beaming with the uncovering of a note from a Mr. Wilkes that showed the Mr. Will Gates had been the plotter of the assisination of President Lincoln. Agent Z asks, Who is this Wilkes and Why is he showing the note now and then after 150+ plus years. A good question indeed.

Don’t be fooled!