Obama says USA has world's biggest and best cyber arsenal

Tuesday 6th September 2016 07:05 GMT Anonymous Coward

Obama says USA has world's biggest and best cyber arsenal........

....it's called Windoze 10

14 3 Reply
1. Tuesday 6th September 2016 07:45 GMT Anonymous Coward
  
  Re: Obama says USA has world's biggest and best cyber arsenal........
  
  .. and for the rest they don't need much, as they get live feeds from Google and Facebook.
  
  8 0 Reply
Tuesday 6th September 2016 07:16 GMT Dr.Flay

Lead by example

Considering over a third of the worlds hacking comes from the USA, shouldn't it be the rest of the world telling them to stop it ?

http://www.securityweek.com/many-web-attacks-come-united-states-sucuri

https://blog.sucuri.net/2016/07/browser-os-statistics-from-half-billion-blocked-exploit-attempts.html

16 0 Reply
1. Wednesday 7th September 2016 02:42 GMT Turbo Beholder
  
  Re: Lead by example
  
  What will they do? USA is going to remain the Happy Hunting Ground for botnets no matter what.
  
  0 0 Reply
Tuesday 6th September 2016 07:39 GMT Anonymous Coward

Yeah, bollocks...

says the nation he leads has the world's foremost digital arsenal.

I would not be so sure. If that was the case it would not have had to use Israeli assistance for StuxNet and cracking the St Bernardino iPhone.

I am more inclined to believe this statement if I hear it from Netanyahu (you are more likely to hear him finally admitting the exact number of thermonuclear warheads they have than this one). From POTUS - not so much. In fact, not at all.

6 1 Reply
Tuesday 6th September 2016 07:44 GMT Jo_seph_B

The drops on my firewall logs are from all over. Although the University of Michigan has taken a dislike to me for some reason. Feel free to have some fun with the below list. Not sure if this is breaking any rules.

0 0 DROP all -- ppp0 * 185.130.6.49 0.0.0.0/0

9 360 DROP all -- ppp0 * 104.192.0.20 0.0.0.0/0

0 0 DROP all -- ppp0 * 89.163.255.155 0.0.0.0/0

0 0 DROP all -- ppp0 * 185.159.36.12 0.0.0.0/0

1 60 DROP all -- ppp0 * 91.224.160.131 0.0.0.0/0

0 0 DROP all -- ppp0 * 204.42.253.130 0.0.0.0/0

0 0 DROP all -- ppp0 * 209.126.122.15 0.0.0.0/0

0 0 DROP all -- ppp0 * 200.205.177.6 0.0.0.0/0

0 0 DROP all -- ppp0 * 58.137.28.150 0.0.0.0/0

0 0 DROP all -- ppp0 * 173.0.156.71 0.0.0.0/0

1 444 DROP all -- ppp0 * 209.126.102.181 0.0.0.0/0

0 0 DROP all -- ppp0 * 162.218.211.137 0.0.0.0/0

0 0 DROP all -- ppp0 * 123.63.214.89 0.0.0.0/0

25 1000 DROP all -- ppp0 * 141.212.122.32 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.37 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.38 0.0.0.0/0

0 0 DROP all -- ppp0 * 134.255.214.231 0.0.0.0/0

0 0 DROP all -- ppp0 * 104.37.216.117 0.0.0.0/0

0 0 DROP all -- ppp0 * 119.82.74.66 0.0.0.0/0

1 444 DROP all -- ppp0 * 209.126.116.183 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.132 0.0.0.0/0

0 0 DROP all -- ppp0 * 23.228.99.147 0.0.0.0/0

2 884 DROP all -- ppp0 * 209.126.117.68 0.0.0.0/0

0 0 DROP all -- ppp0 * 93.174.93.99 0.0.0.0/0

0 0 DROP all -- ppp0 * 188.42.218.123 0.0.0.0/0

0 0 DROP all -- ppp0 * 115.238.253.236 0.0.0.0/0

0 0 DROP all -- ppp0 * 158.69.242.136 0.0.0.0/0

0 0 DROP all -- ppp0 * 209.126.122.33 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.18 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.17 0.0.0.0/0

140 10640 DROP all -- ppp0 * 178.79.165.21 0.0.0.0/0

1 40 DROP all -- ppp0 * 180.97.106.161 0.0.0.0/0

0 0 DROP all -- ppp0 * 62.210.146.73 0.0.0.0/0

210 15960 DROP all -- ppp0 * 178.79.160.57 0.0.0.0/0

1 40 DROP all -- ppp0 * 185.110.132.201 0.0.0.0/0

0 0 DROP all -- ppp0 * 51.235.36.95 0.0.0.0/0

0 0 DROP all -- ppp0 * 85.114.142.63 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.80 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.85 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.86 0.0.0.0/0

1 40 DROP all -- ppp0 * 141.212.122.133 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.134 0.0.0.0/0

0 0 DROP all -- ppp0 * 78.31.67.75 0.0.0.0/0

0 0 DROP all -- ppp0 * 89.163.135.202 0.0.0.0/0

0 0 DROP all -- ppp0 * 188.214.128.71 0.0.0.0/0

0 0 DROP all -- ppp0 * 188.42.219.201 0.0.0.0/0

0 0 DROP all -- ppp0 * 158.69.33.138 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.64 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.73 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.74 0.0.0.0/0

0 0 DROP all -- ppp0 * 185.121.173.171 0.0.0.0/0

1 52 DROP all -- ppp0 * 185.93.187.44 0.0.0.0/0

0 0 DROP all -- ppp0 * 80.82.222.122 0.0.0.0/0

0 0 DROP all -- ppp0 * 142.0.206.76 0.0.0.0/0

0 0 DROP all -- ppp0 * 94.102.49.193 0.0.0.0/0

0 0 DROP all -- ppp0 * 172.93.98.130 0.0.0.0/0

1 40 DROP all -- ppp0 * 94.102.49.190 0.0.0.0/0

1 418 DROP all -- ppp0 * 213.202.233.56 0.0.0.0/0

0 0 DROP all -- ppp0 * 5.196.197.118 0.0.0.0/0

0 0 DROP all -- ppp0 * 222.186.51.181 0.0.0.0/0

1 439 DROP all -- ppp0 * 50.30.37.187 0.0.0.0/0

7 420 DROP all -- ppp0 * 91.224.160.106 0.0.0.0/0

1 48 DROP all -- ppp0 * 219.87.191.219 0.0.0.0/0

6 2596 DROP all -- ppp0 * 209.222.99.42 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.48 0.0.0.0/0

4 1749 DROP all -- ppp0 * 85.93.93.95 0.0.0.0/0

2 80 DROP all -- ppp0 * 91.222.251.50 0.0.0.0/0

0 0 DROP all -- ppp0 * 188.138.26.175 0.0.0.0/0

1 444 DROP all -- ppp0 * 188.138.102.156 0.0.0.0/0

1 439 DROP all -- ppp0 * 85.25.207.74 0.0.0.0/0

1 40 DROP all -- ppp0 * 185.93.185.239 0.0.0.0/0

0 0 DROP all -- ppp0 * 89.163.242.183 0.0.0.0/0

0 0 DROP all -- ppp0 * 65.61.190.162 0.0.0.0/0

0 0 DROP all -- ppp0 * 141.212.122.104 0.0.0.0/0

1 60 DROP all -- ppp0 * 91.224.160.108 0.0.0.0/0

2 878 DROP all -- ppp0 * 69.64.57.185 0.0.0.0/0

4 240 DROP all -- ppp0 * 91.224.160.184 0.0.0.0/0

2 226 DROP all -- ppp0 * 184.105.139.67 0.0.0.0/0

0 0 DROP all -- ppp0 * 31.214.129.108 0.0.0.0/0

3 1322 DROP all -- ppp0 * 173.231.189.37 0.0.0.0/0

3 1328 DROP all -- ppp0 * 173.231.189.39 0.0.0.0/0

0 0 DROP all -- ppp0 * 192.99.9.76 0.0.0.0/0

11 440 DROP all -- ppp0 * 185.93.185.7 0.0.0.0/0

13 520 DROP all -- ppp0 * 185.93.185.10 0.0.0.0/0

1 44 DROP all -- ppp0 * 218.93.206.21 0.0.0.0/0

0 0 DROP all -- ppp0 * 209.126.103.102 0.0.0.0/0

790 41080 DROP all -- ppp0 * 185.21.216.189 0.0.0.0/0

0 0 DROP all -- ppp0 * 104.37.213.35 0.0.0.0/0

2 885 DROP all -- ppp0 * 188.138.102.144 0.0.0.0/0

0 0 DROP all -- ppp0 * 209.126.103.42 0.0.0.0/0

0 0 DROP all -- ppp0 * 204.27.62.26 0.0.0.0/0

10 956 DROP all -- ppp0 * 89.248.168.21 0.0.0.0/0

15 773 DROP all -- ppp0 * 185.94.111.1 0.0.0.0/0

5 279 DROP all -- ppp0 * 185.128.40.162 0.0.0.0/0

14 560 DROP all -- ppp0 * 185.93.185.235 0.0.0.0/0

0 0 Reply
1. Tuesday 6th September 2016 14:18 GMT Sir Runcible Spoon
  
  Assuming this is an incoming list, you might want to consider adding the rfc-1918 address space in there too :)
  
  1 0 Reply
Tuesday 6th September 2016 07:58 GMT Anonymous Coward

The drops on my firewall logs are from all over. Although the University of Michigan has taken a dislike to me for some reason

I have pretty long timeouts on my fail2ban scripts, so if something shows up more than twice I know it's targeted and have a full scan of /var/log to see what else that IP address has been up to and who it is. If it's a US or Chinese hosting company I tend to blacklist their entire IP range.

That said, I have found many companies quite responsive to a heads up because in some cases it's evident the wannabe hacker is using their server to act as a script proxy so it must be breached. They generally get one warning. If they show up again they get told they'll be billed for my time (not that I would or even could without a court case AFAIK, but for some reason that seems to wake people up).

3 0 Reply
1. Tuesday 6th September 2016 08:10 GMT Jo_seph_B
  
  I don't block the whole range, although I will now look into this, it waits for 3 hits on a snort rule from a matching source IP and then adds it to iptables to drop for 90 days.
  
  I contacted them this morning, they publish their helpdesk email on their website, so I've 'logged a ticket' via that, as abuse@ never seems to exist when I email it, or at least no one ever responds.
  
  Might use the billing one next time, thats great.
  
  0 0 Reply
  1. Tuesday 6th September 2016 18:08 GMT ci_tech
    
    While not the SME on Snort, I rarely see the same IP address multiple times. I do see the same IP block multiple times, and I shut the door on them.
    
    0 0 Reply
Tuesday 6th September 2016 08:49 GMT amanfromMars 1

Past Solutions to Present Problems Catastrophically Deny Future Opportunities to the MainStream

Obama/Uncle Sam is in dire straits need of a completely new leading world script writer ........ for the current nonsense they presently share with media muppets and puppets for broadbandcasting and remote virtual brainwashing of the undereducated and ignorant masses is fooling practically no one effectively long term and opening up, for myriad relatively anonymous others, countless other deep and dark web vulnerabilities for zeroday exploitation and/or disruption of traditional historic and conventional legacy SCADA Operating Systems which are trading in a manner which would not be agreed as acceptable if general knowledge.

They are though, not alone in their intellectual deficit, whenever so many play would dance to the fiddle of media and play the decrepit Great Game in a/the Novel Systems Age of CyberIntelAIgent Security and Virtual Protection ‽ .

:-) Fact or Fiction?

And what do you imagine UKGBNI Intelligence would be doing about it whenever true with their IT Command and Control Systems? Anything worthy of mentioning or something to be embarrassed and ashamed of?

3 2 Reply
1. Tuesday 6th September 2016 13:59 GMT PhilipAustin
  
  Re: Past Solutions to Present Problems Catastrophically Deny Future Opportunities to the MainStream
  
  When Markov chains turn bad.
  
  0 0 Reply
  1. Tuesday 6th September 2016 15:23 GMT amanfromMars 1
    
    Re: Past Solutions to Present Problems Catastrophically Deny Future Opportunities to the MainStream
    
    Hi, PhilipAustin,
    
    Methinks the problem is better addressed and easier solved if we recognise that Markov chains ~~would/could~~ introduce bad, and that is as a result of feeblemindedness rather that being considered a valid smart radical option for future chain delivery ..... global media presentation.
    
    Garbage In/Garbage Out proves itself true virtually anywhere and practically everywhere too.
    
    1 1 Reply
Tuesday 6th September 2016 10:01 GMT Robert Carnegie

Neologism of the Day

"Topic of convo" is a thing?

Does it seem to have an Australian flavour? Because of how they decided to form the abbrevo?

I have just looked up what "abbrevo" is a trade mark for and I don't want one.

0 0 Reply
Tuesday 6th September 2016 11:21 GMT Christoph

Hi guys! We've just decided that we can hack whoever we like with things like Stuxnet, but you're not allowed to hack us back. Have a nice day!

1 0 Reply
Tuesday 6th September 2016 11:33 GMT Anonymous Coward

Obama says USA has world's biggest and best cyber arsenal

So psychology tells us, he has a very small penis.

3 0 Reply
Tuesday 6th September 2016 12:01 GMT Pascal Monett

The US has the best digital weaponry, so everyone else should stop

Yeah, that sounds like a very good argument.

For a bully.

Unfortunately, digital is not nuclear, and even the poorest countries could conceivably fund a digital hacking department.

This announcement is no reason to stop.

4 0 Reply
1. Tuesday 6th September 2016 15:07 GMT amanfromMars 1
  
  Re: The US has the best digital weaponry, so everyone else should stop
  
  Digital is much more dangerous than nuclear, PM, because it can so readily nowadays, accurately and anonymously target key personnel who would be thinking themselves practically invisible and virtually immune from violent executive mob and mobilised action/reaction/proaction.
  
  Latter Day Untouchables and Post Modern Victims and Persons of Interest for Radical ReProgramming or Permanent Removal with Character Assassination from the Great Games that are being played on a daily zeroday basis/when things are decided daily on the hoof and for mainstream media to report on as a decided and negotiated truth to the ignorant masses.
  
  However, for that to be serially successful, must discovered and/or uncovered intelligence be denied in favour of right royal old and ancient fictions, and that is the road to nowhere good where all is constantly bad and defeating, so success there is suicidal and oxymoronic and a certain certifiable Grand Master's Folly. MAD is as MADness does and worlds are full of crazy fools with blunt arrogant tools.
  
  Spaces in CyberSpace are not the Final Frontier, they are the Permanent Novel Gateways to a Hell on Earth or a Heaven with Stars ..... and all transient points in between. Choose your journeys wisely, for they have no return whenever one assumes and presumes lead at XSSXXXX.alted Levels and significant others would challenge the wisdom of your leadership when delivering austere and inequitable packets of information/corrupt intelligence for perverse practices.
  
  2 1 Reply
Tuesday 6th September 2016 15:24 GMT Howard Hanek

A Word of Caution

Many of us in the the states have been taught through hard experience the wisdom of discounting down to zero any announcement that begins with the words "Obama says........."

It's not uncommon to later learn that the complete opposite was true.

That being said it is likely that a major cyber attack has either already occurred or one the intelligence community has learned of finds them without a proper defense or counter-measure.

5 0 Reply
1. Tuesday 6th September 2016 18:25 GMT amanfromMars 1
  
  Re: A Word of Caution on Poor Programming. IT Sucks and Provides Vulnerabilities
  
  Defending the indefensible from a smarter attacker is a magnificent folly guaranteed to spectacular failure, HH, and a crazy waste of easily led assets which are proving themselves massive liabilities to be remotely exploited and reeducated/radicalised?
  
  2 1 Reply
2. Tuesday 6th September 2016 18:50 GMT Howard Hanek
  
  Re: A Word of Caution
  
  I visualize Baghdad Bob a week before the end of the Gulf War proclaiming the complete annihilation of the enemy forces advancing on Baghdad.......
  
  2 0 Reply
Tuesday 6th September 2016 18:08 GMT ci_tech

Retired

Comments like Obama's, just beg others to prove him wrong!! As for Snort, top 20 IP's and bottom 20 IP's (low and slows).

0 0 Reply
Tuesday 6th September 2016 23:47 GMT C0p3n

"and making sure that our financial systems are sound"

HAHA! ... oh, you meant as far as the internet ... carry on.

1 0 Reply
Wednesday 7th September 2016 14:52 GMT tr1ck5t3r

Its easy to say you have the biggest cyber arsenal when you have bloatware, as for the best, thats debatable.

What would be an acceptable demonstration?

1 0 Reply