NSP-SEC

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Fri Mar 19 14:19:26 UTC 2010


On Fri, 19 Mar 2010 04:43:18 BST, Guillaume FORTAINE said:

> First question : Why was I able to find this mail on the Internet if it 
> should be kept secret ?

Congratulations.  You found an example of a mailing list where applying a
standard disclaimer by default *does* make sense, which then got forwarded
*by a coordination team leader at a national CERT* to an appropriate forum
so that action could be taken, but failed to take the disclaimer off the
bottom of that posting.

Double bonus points for finding a posting that discussed something *really*
sensitive, like "we've seen bots connecting to...".  You *do* realize that
there's an estimated 140,000,000 bots on the net, right, and as a result,
some operation lists have *dozens* of "bots spotted connecting to" postings
*per day*.

And you wonder why you have a hard time being taken seriously.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20100319/963a0a60/attachment.sig>


More information about the NANOG mailing list