[oclug]why firewall?

Brad Barnett bb at L8R.net
Fri Nov 29 14:27:25 EST 2002 

Hmm.  A patriotic virus.  

That's nothing like the FBI and their plans to infect computers world
wide.  It is also nothing like the CIA's attempts to hack into computers
all over the world.

Somehow, however, we need to mention the fact that a few Chinese people
out of billions do the same thing.  Whatever their reasons.

Let's stop playing the blame game Francis.  If we are going to block
people from connecting to a mail server to prevent trojans, worms and the
occasional virus, you might as well block every IP out there.  China has
no special record for creating them, other than the US media makes a big
deal of it, every time a virus comes from there.

Let's see the US media make the same noise every time a US or Canadian
bred virus appears, and that's all they'll be reporting.



On Fri, 29 Nov 2002 13:57:50 -0500
"Francis J. A. Pinteric" <linuxdoctor at linux.ca> wrote:

> On Fri, 29 Nov 2002 11:29:54 -0500
> gabriel <the.angel.gabriel at rogers.com> wrote:
> 
> > "patriotic viri"  what're those?  what's coming out of those countries
> > and how can you tell its from there?
> > 
> 
> There are several dweebs and dweeb groups in China who are sending out
> virii and worms in the name of "national security." One such is the Lion
> worm created by a cracker by the name of 'Lion' in China. According to
> Whitehats, who was able to track down and interview him, he sent out the
> Lion worm to attack the Japanese for their maintaining that the Japanese
> invasion of China and Korea at the beginning of the last century was
> legitimate and was not a `holocaust.' According to certain books now
> being circulated with great success in Japan, the Japanese actions are
> being touted as being good things, to which Lion and a number of others
> in China (at least) object to.
> 
> Despite Lion's claim to be targetting Japanese systems, the way the worm
> works puts the lie to that assertion. It attacks Linux systems running
> BIND 4 or BIND 8 that have buffer overflow certain vulnerabilities, and
> not only those running in Japan.
> 
> In any case, the pretence of "national security" is, of course, just a
> front to disguise the fact that these people just want to attack other
> computers. Like a number of virii and worms that have surfaced recently,
> there isn't anything really new in them, and the ones that are in
> circulation contain code that is essentially stolen from other places.
> It is unlikely that these crackers would even have the knowledge to ba
> able to create these virii and worms had somebody else not done the hard
> part for them first.
> 
> >>>--fja->
>

More information about the OCLUG mailing list