[Info-vax] Need to set up a special purpose account
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Mon Oct 10 18:04:12 EDT 2016
On 2016-10-10 19:29:35 +0000, Tom Adams said:
>
> I guess it's honeypot now since if we get hit we will know that some
> hacker is already poking around inside our intranet. So this would
> indicate an inside job or a hack of at least one firewall.
Maybe talk to some folks in your organization about network security?
Ask if FTP is even allowed. OMB got popped, and it's widely assumed
more than a few organizations have access to federal networks.
The firewall is the demarcation between stuff y'all have to fix, and
stuff somebody else has to fix. They're kinda like AV — everybody has
them, but they're not particularly robust.
Related:
https://static.googleusercontent.com/media/research.google.com/en/us/pubs/archive/43231.pdf
Standard practice among attackers is to hop the firewall via macro
malware or a PDF printer attack or such, and then sniffing creds from
FTP or whatever.
OpenVMS networking has security issues — that's before discussing
cleartext protocols such as DECnet, telnet and FTP — and older OpenVMS
versions are more problematic.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list