>Re: Firewalls-Digest Monday, 15 January 1996 Volume 05 : Number 032
> Re: The Last Mitnick Post/Thread
>
>From: "Len Rose" <len @ NETSYS . COM>
>Date: Mon, 15 Jan 1996 13:31:14 -0800
>Subject: Re: The Last Mitnick Post/Thread
>
>Markoff, and Tsutomu acted reprehensibly by quoting sniffer sessions with Kevin
>and jsz in which my site was mentioned. Not only were the facts wrong
>as jsz never had my firewall router passwords, jsz never knew that much about
>Cisco routers in general. I am extremely annoyed that when they did explain
>who/what netsys.com/Len Rose is, they only bothered to mention the past and not
>what I have achieved since 1992. No one from their ghost writing teams ever
>contacted me to get the facts either. If the government is interested in
>talking to jsz as has been rumored then they should go ahead, and if not, then
>perhaps someone could clear jsz's name which seems to be pretty muddied by the
>somewhat irresponsible literary excesses which seem to fill the Tsutomu/Markoff
>book.

I agree, and the recent Dateline program is one of my personal experiences
with this crap-'o-la. A Dateline researcher called me for help in putting
the segment together a while ago. I spent myself blind (phone calls,
FedExes...) trying to help, only to see the facts (as I know them) get lost
in the hype. Ahhh, the popular culture, eh?

>Firewalls isn't really the appropriate platform for this sort of discussion,
>and I apologize for continuing this thread :-)

I disagree and don't accept your apology. My suggestion is that you sit
down and write some factual lessons based on your experience (with this
latest episode and your past as well.) The hard thing about this list is
that it is ostensibly unmoderated = ebbs and flows that are apparently not
centered on the list's purpose. However, rather than give up, *I* (for
one) would like to see you hammer out some "factual lessons for
firewallers" for us all. Like anyone who takes the time to pick their way
past the hype, you'll take guff for the effort, but please don't give up.

While TCP sequence number attacks are de rigueur for some, the vast majority
don't understand the subtle parts such as the things that I'll bet you have
to say on the matter (e.g., *exactly* how one uses these (and other) tricks
*with* other tricks to hammer past today's simple isolation mechanisms).

Don't give up - join the fray! There are at least three good "how to hack the
net" books being written (and I may do one myself) as well as a definitive
"inside look" from those who know more than Tsutomu / Markoff and Littman
(The Fugitive Game, 1996) put together. Meantime, "seize the moment" Len.

The thing that we all *don't need* just now is for someone like you (with
direct involvement in the complexities of a great technical tale) to shrink
in the face of criticism from those who would prefer to accept the Tsutomu
/ Markoff book (Takedown, 1996) as anything besides what it is: pulp
fiction. Like its predecessor (Cyberpunk, 1990), it demands the reality of
facts to counterbalance its "written so your grandmother can read it" and
"let's take some money to the bank" flavor.

So, Len. Next time a firewaller asks me about this most recent Mitnick
tale, what should I tell them that *you* have to say about the lessons it
teaches 'em? I have *some* questions for you if you can't get going easily
;)

RayK 8) Ray Kaplan
Security Services - P.O Box 23210 - Richfield, MN USA 55423
(612) 861-7198 - FAX (612) 861-3736 - www: http://www.rayk.com/rayk
ray @ rayk . com - Not an expert, just a battered vet.