[unisog] New DISS Security Model
sworona at educause.edu
Fri Jun 2 01:37:43 GMT 2006
Confronted by an overwhelming onslaught of guffaws, cluelessness appears to have surrendered. See <http://chronicle.com/wiredcampus/index.php?id=1306>.
At 3:42 PM -0400 6/1/06, Valdis.Kletnieks at vt.edu wrote:
>On Thu, 01 Jun 2006 12:58:26 CDT, Chris Green said:
>> Ah, yeah that hit our fan a week ago. AFAICT, the primary purpose of the
>> applications they access is the workstation of the Facility Security Officer
>> needs to be able to fill out some paperwork related to DoD-related grants.
>> From the grapevine at other schools, yes, changing the PTR to a .com worked.
>You mean they don't even bother looking up the target of the PTR, and make
>sure it has an A record that points back to the original IP address?
>"Out, out, you demons of stupidity!" -- Saint Dogbert
>(For bonus points, what are the chances that their nameservers are still
>running a BIND 4/8 that's susceptible to cache poisoning, which can be used
>to hand it a suitable PTR even if you don't control the zone, as long as you
>control *a* zone? ;)
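The check asked about in the quoted reply (look up the PTR, then make sure the returned name has an address record pointing back to the original IP) is shown here as an added Python example; it is not part of the original thread or of any DISS code. The function names, the `.com` suffix policy and the DNS tables are constructed for illustration, and the lookups are injectable so the demo runs offline.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip via the system resolver (not used by the offline demo)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except OSError:
        return []
    return [name, *aliases]

def system_addrs(name):
    """A/AAAA addresses for name via the system resolver."""
    try:
        return [ai[4][0] for ai in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def fcrdns_names(ip, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Return only the PTR names whose forward lookup maps back to ip."""
    client = ipaddress.ip_address(ip)
    confirmed = []
    for name in ptr_lookup(ip):
        name = name.rstrip(".").lower()
        addrs = set()
        for a in addr_lookup(name):
            try:
                addrs.add(ipaddress.ip_address(a))
            except ValueError:
                continue  # ignore malformed answers
        if client in addrs:
            confirmed.append(name)
    return confirmed

def allowed(ip, suffix, **lookups):
    """Apply the suffix policy to forward-confirmed names only."""
    return any(n.endswith(suffix) for n in fcrdns_names(ip, **lookups))

# Constructed sample data: documentation addresses and example domains.
# .66 claims a name whose A record points elsewhere; .77 claims a name with no A record.
PTR = {"192.0.2.10": ["fso-ws.example.com."], "192.0.2.66": ["fso-ws.example.com."],
       "192.0.2.77": ["ghost.example.com."]}
A = {"fso-ws.example.com": ["192.0.2.10"]}

def demo():
    kw = dict(ptr_lookup=lambda ip: PTR.get(ip, []), addr_lookup=lambda n: A.get(n, []))
    return {ip: allowed(ip, ".com", **kw) for ip in PTR}
```

All three constructed addresses carry a PTR ending in `.com`, so a PTR-only suffix test would accept every one of them; only the address whose name resolves back to it passes here.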