Re: What's Really Going On (Was: Re: CDR: Pentagon under attack)



On the contrary, I think this is not even going on, but a serious military
disinformation ploy to create an environment for even more repression in
cyberland and elsewhere. 


On Sat, 6 Mar 1999, Ken Williams wrote:

> Hi.
> 
> I'm willing to bet that this hyped up sequel to Solar Sunrise is nothing
> more than a bunch of kids having a big laugh at the expense of the DoD and 
> the media by scanning DoD networks with Nmap, using the '-D' (decoy_host)
> flag (and various stealth options too of course) with a bunch of hosts that 
> resolve to .ru, .cn, .cu, .ir and .jp domains.  Considering that DoD IDS 
> only drops about 80% of packets, they are probably too busy mopping the 
> floor to turn off the faucet.
> 
> Regards,
> 
> Ken Williams
> jkwilli2@csc.ncsu.edu 
> 
> Packet Storm Security                 http://packetstorm.genocide2600.com/
> Trinux: Linux Security Toolkit http://www.trinux.org/ ftp://ftp.trinux.org
> PGP DH/DSS/RSA Public Keys     http://packetstorm.genocide2600.com/pgpkey/
> E.H.A.P. VP & Head of Operations http://www.ehap.org/   tattooman@ehap.org
> NCSU Computer Science      http://www.csc.ncsu.edu/  jkwilli2@csc.ncsu.edu
> 
> p.s.  Nmap is a wonderful tool, btw.  If you don't already have it, get it 
>       from Fyodor's Playhouse at: 
>           http://www.insecure.org/
>           http://www.insecure.org/nmap/
> 
> On Sat, 6 Mar 1999, Dave Emery wrote:
> 
> > Date: Sat, 6 Mar 1999 14:29:52 -0500
> > From: Dave Emery <die@die.com>
> > To: William H. Geiger III <whgiii@openpgp.net>
> > Cc: cypherpunks@toad.com
> > Subject: Re: CDR: Pentagon under attack
> > 
> > On Fri, Mar 05, 1999 at 10:27:51PM -0500, William H. Geiger III wrote:
> > > In <199903060102.TAA17569@einstein.ssz.com>, on 03/05/99 
> > >    at 08:02 PM, Jim Choate <ravage@einstein.ssz.com> said:
> > > 
> > > >   By Barbara Starr
> > > >   ABCNEWS.com
> > > >   W A S H I N G T O N,   March 5 - The Pentagon's military computer
> > > >   systems are being subjected to ongoing, sophisticated and organized
> > > >   cyber-attacks, officials there tell ABCNEWS.
> > > >        And unlike in past attacks by teenage hackers, officials believe
> > > >   the latest series of strikes at defense networks may be a concerted
> > > >   and coordinated effort coming from abroad.
> > > 
> > > I don't know, I might just be silly here, but if the system is that
> > > sensitive why do they have it connected to outside links in the first
> > > place??
> > > 
> > > I have a "secure" system that I do my sensitive work on, it's in a Tempest
> > > rated case, disconnected from my network and outside lines. It is not even
> > > directly connected to the power grid.
> > > 
> > > Now if little 'ol me can figure out how to keep a sensitive system from
> > > being hacked, you would think the DOD could manage it?!?
> > 
> > 	The DOD has several world wide Intranets that are crypto
> > protected and walled off for just that reason.  Notable ones include
> > SIPRNET, JWICS, and NIPRNET.  All traffic on these networks on external
> > links outside of SCIFs is encrypted with KG-184s or equivalent type 1 
> > crypto.   Most all of the really sensitive DOD stuff is on servers and
> > workstations/PCs on these classified networks only and there is supposed
> > to be no gateway or other path from these networks to the unclassified
> > public Internet.  In fact, because these nets reflect different levels
> > of security and compartmentalization they aren't supposed to have access
> > to each other either as I understand it.   And as far as I know, no
> > machines are allowed to be on more than one Intranet at once and there
> > are even restrictions about physically locating machines on one net near
> > machines on another.
> > 
> > 	So far the only machines that hackers have ever been reported as
> > having penetrated are machines on the public Internet with supposedly
> > unclassified contents.  Of course people being what they are, not 
> > everything on unclassified Internet connected machines has turned out
> > to be completely harmless and entirely unclassified....
> > 
> > 
> > -- 
> > 	Dave Emery N1PRE,  die@die.com  DIE Consulting, Weston, Mass. 
> > PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18
> 

- Carl