Re: What's Really Going On (Was: Re: CDR: Pentagon under attack)
On the contrary, I think this is not even going on, but a serious military
disinformation ploy to create an environment for even more repression in
cyberland and elsewhere.
On Sat, 6 Mar 1999, Ken Williams wrote:
> I'm willing to bet that this hyped up sequel to Solar Sunrise is nothing
> more than a bunch of kids having a big laugh at the expense of the DoD and
> the media by scanning DoD networks with Nmap, using the '-D' (decoy_host)
> flag (and various stealth options too of course) with a bunch of hosts that
> resolve to .ru, .cn, .cu, .ir and .jp domains. Considering that DoD IDS
> only drops about 80% of packets, they are probably too busy mopping the
> floor to turn off the faucet.
> Ken Williams
> Packet Storm Security http://packetstorm.genocide2600.com/
> Trinux: Linux Security Toolkit http://www.trinux.org/ ftp://ftp.trinux.org
> PGP DH/DSS/RSA Public Keys http://packetstorm.genocide2600.com/pgpkey/
> E.H.A.P. VP & Head of Operations http://www.ehap.org/ email@example.com
> NCSU Computer Science http://www.csc.ncsu.edu/ firstname.lastname@example.org
> p.s. Nmap is a wonderful tool, btw. If you don't already have it, get it
> from Fyodor's Playhouse at:
> On Sat, 6 Mar 1999, Dave Emery wrote:
> > Date: Sat, 6 Mar 1999 14:29:52 -0500
> > From: Dave Emery <email@example.com>
> > To: William H. Geiger III <firstname.lastname@example.org>
> > Cc: email@example.com
> > Subject: Re: CDR: Pentagon under attack
> > On Fri, Mar 05, 1999 at 10:27:51PM -0500, William H. Geiger III wrote:
> > > In <199903060102.TAA17569@einstein.ssz.com>, on 03/05/99
> > > at 08:02 PM, Jim Choate <firstname.lastname@example.org> said:
> > >
> > > > By Barbara Starr
> > > > ABCNEWS.com
> > > > W A S H I N G T O N, March 5 - The Pentagon's military computer
> > > > systems are being subjected to ongoing, sophisticated and organized
> > > > cyber-attacks, officials there tell ABCNEWS.
> > > > And unlike in past attacks by teenage hackers, officials believe
> > > > the latest series of strikes at defense networks may be a concerted
> > > > and coordinated effort coming from abroad.
> > >
> > > I don't know, I might just be silly here, but if the system is that
> > > sensitive why do they have it connected to outside links in the first
> > > place??
> > >
> > > I have a "secure" system that I do my sensitive work on, it's in a Tempest
> > > rated case, disconnected from my network and outside lines. It is not even
> > > directly connected to the power grid.
> > >
> > > Now if little 'ol me can figure out how to keep a sensitive system from
> > > being hacked, you would think the DOD could manage it?!?
> > The DOD has several world wide Intranets that are crypto
> > protected and walled off for just that reason. Notable ones include
> > SIPRNET, JWICS, and NIPRNET. All traffic on these networks on external
> > links outside of SCIFs is encrypted with KG-184s or equivalent type 1
> > crypto. Most all of the really sensitive DOD stuff is on servers and
> > workstations/PCs on these classified networks only and there is supposed
> > to be no gateway or other path from these networks to the unclassified
> > public Internet. In fact, because these nets reflect different levels
> > of security and compartmentalization they aren't supposed to have access
> > to each other either as I understand it. And as far as I know, no
> > machines are allowed to be on more than one Intranet at once and there
> > are even restrictions about physically locating machines on one net near
> > machines on another.
> > So far the only machines that hackers have ever been reported as
> > having penetrated are machines on the public Internet with supposedly
> > unclassified contents. Of course people being what they are, not
> > everything on unclassified Internet connected machines has turned out
> > to be completely harmless and entirely unclassified....
> > --
> > Dave Emery N1PRE, email@example.com DIE Consulting, Weston, Mass.
> > PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18