DOD Overhauls Network to Thwart Crackers 28
Toddius Maximus
wrote in to send us a CNN story about the
Departent of Defense Overhauling
their network to prevent cracker attacks. How's that for
a feeling of warm fuzzies?
I think there's a world market for about five computers. -- attr. Thomas J. Watson (Chairman of the Board, IBM), 1943
POLITICIANS ARE RESPONSIBLE FOR DEFENSE! (Score:1)
Makes me wonder how vulnerable it was BEFORE (Score:2)
"DISA's plans include the filtering of what DISA called "notorious" protocols routinely exploited by hackers... The protocols include the PostOffice Protocol (POP), which allows remote users to read e-mail stored on a central server; remote-access protocols, which allow users to read their e-mail from another system; and Packet Internet Groper (Ping).... The inability of NIPRNET to handle the loads imposed by Web traffic without lags or delays had resulted in numerous military commands installing Internet "backdoors" on their systems."
Unless they're not telling us the important stuff, what they're doing is pretty darn basic -- I'd do this kind of thing for a small business. It doesn't really surprise me that their security was so bad, but they ARE the DOD.
Re:Makes me wonder how vulnerable it was BEFORE (Score:1)
Would someone PLEASE send them a firewall? Or just configure their router? Maybe they haven't heard about the "established connection" feature.
Christ, these guys are responsible for our defense?
The colors are red and black (Score:1)
The military uses red and black, not red and green. Same principal. (I had help designing a firewall for them once, and have a interface labled red, and the other black was in the requirements. I don't remember which is which off hand.
BTW, this isn't ment to imply that all networks are connected, there are networks that are unconnected. The semi-secure but internet connected network is firewalled by this box, not the most highest security level networks, which not physical connection is allowed.
Let me summarize the article for you... (Score:5)
A DOD spokesman has publicly stated that as soon as
their sys admins are tired of playing Quake, they
fully intend to install tcp_wrapper on most of
their systems, just as soon as they're done
sorting their bookmarks and reading Slashdot
they promised they would get right on it and
install that wrapper any day now, and if they
can have Friday off, they may even upgrade and patch
the old buggy daemons they left running, but
as one DOD sys admin stated "Phf! That's not my job!"
then he quickly returned his attentions to a
heated Phantom Menace debate on "Ain't It Coll News."
Won't help (Score:1)
It's basically the conscensus in the community that they're just adding a few firewalls. I think the DOD has more to worry about from internal threats than anything a bunch of adolescent l335 script kiddies could do.
--
Re:Won't help (Score:1)
Doesn't work. There have been demonstrations of how quickly one can crack that system. It's really simple - put a rubber sleeve (tightly) around the tubing, puncture the tube, and take a pressure reading. Equalize the pressure, hack hack hack.
--
Re:Grrrrr.. (Score:1)
And Ping doesn't stand for anything. It's just Ping. Like the submarines do.
Re:Let me summarize the article for you... (Score:2)
The words "hacker" and "Y2K" on the internet are the equivalent of "fire" in a crowded theater.
Who cares if the DOD website is brought down 4 times a day or cracked 250,000 times a year? (Where does that number come from? Is a port scan a crack?) It's non-classified, the admins are upgrading the routers and applying patches.
CNN filler. They ran out of Microsoft pr announcements to post as news.
hacker != cracker (Score:2)
a hacker is someone who hacks hardware and OSes
whereas a cracker is traditionally one who cracks
software copyright and helps in the distribution
of such warez.
see Hacker V Cracker [manos.com] on manos.com,
Cracker
The definition of a cracker is one who attempts to break into a system using techniques that he does not fully understand. Most of the crackers are young teenage punks who are very malicious and seek to get their kicks from destroying or alternating data on a system.
Hacker
The hacker on the other hand is an individual who yearns for knowledge. The hackers are very knowledgeable individuals. They often times know several programming languages, work extensively with the inwards and outwards of UNIX, have a firm understanding of all the TCP/IP implementations and protocols. They keep abreast on all the security related issues involving computers. Breaking into a system for a hacker is a thrill, it is a challenge that they take on. The hacker takes much delight in exploring the system from the outside/inside searching vigorously for misconfigurations, bugs, and holes in the operating system that would allow them to break into a machine. Once in the system the challenge has been completed and they have succeeded in breaking in. It is against hacker ethics to alter any data aside from the logs that are needed to clean their tracks. They have no need or desire to destroy data as the malicious crackers. They are there to explore the system and learn more. The hacker has a constant yearning and thirst for knowledge that increases in intensity as their journey progresses.
Re:hacker != cracker (Score:1)
http://www.netmeg.net/jargon/terms/c.html#crack
Re:hacker != cracker (Score:2)
From the jargon dictionary:
--
cracker
1981--82 on Usenet was largely a failure.
Use of both these neologisms reflects a strong revulsion against the theft and vandalism perpetrated by cracking rings. While it is expected that any real hacker will have done some playful cracking and
knows many of the basic techniques, anyone past larval stage is expected to have outgrown the desire to do so except for immediate, benign, practical reasons (for example, if it's necessary to get around
some security in order to get some work done).
Thus, there is far less overlap between hackerdom and crackerdom than the mundane reader misled by sensationalistic journalism might expect. Crackers tend to gather in small, tight-knit, very secretive
groups that have little overlap with the huge, open poly-culture this lexicon describes; though crackers often like to describe *themselves* as hackers, most true hackers consider them a separate and
lower form of life.
Ethical considerations aside, hackers figure that anyone who can't imagine a more interesting way to play with their computers than breaking into someone else's has to be pretty losing. Some other
reasons crackers are looked down on are discussed in the entries on cracking and phreaking. See also samurai, dark-side hacker, and hacker ethic. For a portrait of the typical teenage cracker, see warez
d00dz.
Um, this is news? (Score:3)
So, starting sometime in July, they're going to filter some protocols, maybe POP, maybe telnet, but they haven't decided what to filter yet. Hmm...the first thing I did on my Linux boxen was to turn off any protocols that I didn't use and to set up ipchains to filter the rest. I also set Samba not to listen to the outside world, but only to my 192.168.0.* C network. And I'm new at this.
Typical government: A network that is several years old finally gets the consultant once-over and the committee decides to form a committee to look into what to do.
Mike
--
And theft is a 'good thing' (Score:1)
A 'good thing' if ever I saw it.
*COUGH*
Re:Won't help (Score:2)
And finger... (Score:1)
/* We could keep this thread going all day with these
Re:The colors are red and black (Score:1)
Re:Grrrrr.. (Score:1)
+--
Given infinite time, 100 monkeys could type out the complete works of Shakespeare.
1 clueless user (Score:1)