Hey, Baby, where'd you get such a great set of settings?

When I was still in my formative years, I (like most other post-pubescent males) was always hunting for the magical key to youthful bliss. There just had to be a common vulnerability -- the right line, the right look, the right attitude, whatever -- that the vast majority of the opposite sex would instantly fall for.

Although some claim to have, I never found it.

For some reason, every young lady that I came across had something unique about her. Whatever ploy, tactic, or stroke of dumb luck I found momentary success with once, failed miserably on the next go around. Were they secretly plotting against my teenage happiness? Was there a conspiracy involving all young womanhood?

No, there was just one little thing that kept it challenging -- kept the playing field pretty level for all of us mere mortal boys. Everyone is their own individual person, with their own impressions, likes, dislikes, values, and moral structure.

To put it in geek terminology: There is no default configuration amongst women.

Monoculturalism revisited

When Dan Geer, Charles Pfleeger, et al. last fall released the incendiary report, "Cyber Insecurity: The Cost of Monopoly", quite a few folks perked up, including Dr. Geer's employer.

In the report, this team, made up of some of the world's foremost authorities on security, presents a powerful argument against what has become the status quo in much of the corporate and government IT realm.

To make a long story short, the report claims that Microsoft's dominance has created a global target environment that leaves little guesswork for the bad guys (girls, things, dogs, whatever) while the good guys find themselves in ever-shortening supply, trying to defend increasingly complex, yet predictable, systems.

That, predictability, can be fatal.

Referring to Nimda and Slammer, they wrote, "These worms did not have to guess much about the target computers because nearly all computers have the same vulnerabilities."

Let me say that the problem that's going to have you pulling your hair out when the next virus/worm/rootkit hits the streets is predictability.

Defaults. That's the ticket in. That's what the worm authors are banking on. Nimda relied upon them, and so did Blaster, SQL-Snake, Code Red, and nearly every other self-propagating beastie since the Morris Worm hit the wild 16 years ago.

Here's a look at some of the default conditions that a few mass attacks took advantage of:

  • 1988: Morris Worm -- Sendmail DEBUG enabled, fingerd running, C compiler present (Unix);
  • 1999: Melissa -- Outlook mail reader uses MS Word, macros enabled in Word;
  • 2000: I Love You -- Windows Scripting Host enabled, Active Scripting enabled (Windows/IE);
  • 2001: Code Red -- .idq/.ida bindings in IIS;
  • 2001: Nimda -- Sharing enabled, scripts/vti_bin/msadc dirs allow execution;
  • 2003: Blaster -- RPC/DCOM interface enabled;
  • 2003: Slammer -- MSDE 2000 installed and network enabled by many products, and
  • 2004: W32/Bobax -- UPnP enabled (used for target identification).

Across the board, no firewall was enabled... by default.

Now, we're not going to delude ourselves into believing that automata are the only things that ail our information systems. There are plenty of other information warfare tactics that are equally, if not more, destructive and costly. But worms sure take a bite.

Off the top of your head, how many hours have you or your staff spent on cleaning up the past year's worth of pseudo-randomly targeted attacks?

Continue on to hear how being different, and even being obscure, can be your biggest weapon against attacks.