Comment Times when we weren't learning (Score 1) 1345
Yeah, I remember those times. Most of them were centered around standardized tests.
"muninsfire: Calling erewhon....
Last time this came up, IIRC, it was stated that NASA, et al., have 'honeypot' systems filled with spurious, though tantalizing, information--if you go cracking into 'em multiple times, they trace you and send the guys in the suits who have no sense of humour.
You rang? This is what, like rerun #4 for this one guy?
Ok, kiddies, here is something that is the absolute truth. Consider it closely when you go groping around other people's systems.
All these agencies have their very own MIS departments, who, contrary to popular opinion, are very VERY good at what they do. The military guys have the Defense Information Systems Agency, for example, although quite often the intelligence branches for the various services get in the game as well. We have at least two military MIS guys that post regularly on Fark. One of them works at NORAD, for example.
Now, it's not unheard of for DIA to launch attacks on various military MIS systems just to see how well they are doing. I recall one physical invasion where they infiltrated a Marine base and corrupted their system, but I digress.
Here's the deal. There are no less than three military networks. The lowest level is NIPRNET, and it is tied to the civilian internet by gateways. It is fairly secure, but no secure data is trusted on it.
Next is SIPRNET. SIPRNET is ok for traffic up to 'TS'. SIPRNET is not physically connected to the civilian Internet. Anywhere. At all. You can't "hack into it" because there are no systems with both connections. That is verboten. They audit you to make sure you didn't do some dorky multihomed system with links to both. All the time. There's even rules about how close you can put a NIPRNET and a SIPRNET machine in the same room.
But wait, SIPRNET is TS at best. It has its very own web program called Intelink-S. SIPRNET has all SORTS of cool stuff on it, but it's been described as tactical instead of strategic and while I don't go surfing around just to see what I can get into (bad form) that's probably true.
Then you have JWICS. JWICS is top level. It has SCI level stuff. You use Intelink-SCI. It has battle plan type crap, strategic level info. On JWICS the elder gods of They® reside, like Zeus on Olympus. You thought DISA was a biatch about SIPRNET. JWICS isn't the sort of thing you want due to the asspain level it brings you.
Like SIPRNET, JWICS is totally separate, it has NO physical connections to ANYTHING civilian. It's the sort of thing where they might monitor the freaking dispersion characteristics and signal flight time of the fiber for taps. The sort of thing where they'll probably end up using OAM-entangled modulation. Where the cable sheath might be pressurized and double walled with marker gas in the outer sheath that sets off alarms when the slightest pinhole occurs. Personally, I don't know how the physical level of JWICS is protected and don't want to.
Now, for the sort of thing our young Brit is discussing, data for SCI projects, that would be on JWICS, if it were stored on ANY accessible server. You would not be getting into JWICS. I can't imagine a more classified project. Hell, it's probably OVER SCI, whatever's up there in the security stratosphere. But it couldn't be less than SCI.
It would be a violation of any number of legal documents and/or oaths to put something like that on NIPRNET, much less on a civilian web server.
So, what did he find? Well, they put out honeypots. The term is "military intrusion detection honeypot". You can't readily get to it, so there's no chance of you doing it by accidentally clicking the wrong link, Google doesn't spider it, etc. No, you have to get in there and go fishing. And they make up these really interesting fictions for you to find. I have seen some honeypots with "complete plans for a thermonuclear weapon", for example.
I haven't read this particular article. In previous ones, he had all sorts of comments like "there were hackers in there EVERY NIGHT, and lots of times it was the same ones over and over". Yes, fool boy, there were. And all of them are going to get the same treatment YOU did. The ones that weren't just DISA guys checking out the funny stuff.
DOE sets these up too. There are at least four or five sites I've been to myself, to see the funny material. They take Visa. For nuclear weapon components. There is no direct link to get you there. DOE's sights are set a little lower than military bases, though. For DOE, you have to do a search on that site's search engine. Show me "slapper". Amazing! A link will appear. Then as you go there, man, they are SELLING these things! Right here! On the web! On this "forgotten page"! I wonder if I just fill in my info, and hit "buy"....
What's even more amusing is that people DO THIS. At least one time that I got this big amusing anecdote on, these guys have tried to purchase triggered gas switches with a friggin' VISA. They got them too, they were non-functional dummies, and the DOE guy delivered them dressed as a Fedex guy. Hilarity did NOT ensue."
Hotels are tired of getting ripped off. I checked into a hotel and they had towels from my house. -- Mark Guido
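The detection idea the quoted post describes (a page nothing links to and no crawler indexes, so every hit is deliberate, with the same visitors coming back night after night) can be sketched as log triage. This is an added example, not part of the original comment or any agency's tooling; the decoy path, internal network range, threshold and log lines are all constructed assumptions.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# All values below are constructed for illustration (hypothetical paths and
# documentation-range addresses); none come from the post.
DECOY_PREFIXES = ("/archive/forgotten/",)      # unlinked, excluded from crawling
INTERNAL_NETS = [ip_network("192.0.2.0/24")]   # staff who browse the decoy
REPEAT_THRESHOLD = 2                           # distinct days before escalation

# Common/combined access-log prefix: source, date, request path.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<day>[^:]+):[^\]]+\] "[A-Z]+ (?P<path>\S+) ')

SAMPLE_LOG = """\
198.51.100.7 - - [03/Mar/2024:01:12:09 +0000] "GET /search?q=slapper HTTP/1.1" 200 512
198.51.100.7 - - [03/Mar/2024:01:12:31 +0000] "GET /archive/forgotten/order.html HTTP/1.1" 200 2048
198.51.100.7 - - [04/Mar/2024:01:40:02 +0000] "POST /archive/forgotten/buy HTTP/1.1" 200 128
203.0.113.44 - - [04/Mar/2024:09:15:00 +0000] "GET /archive/forgotten/order.html HTTP/1.1" 200 2048
192.0.2.15 - - [04/Mar/2024:10:00:00 +0000] "GET /archive/forgotten/order.html HTTP/1.1" 200 2048
this line is malformed and is skipped
"""

def is_internal(ip):
    """True when the source is inside a network allowed to view the decoy."""
    try:
        addr = ip_address(ip)
    except ValueError:          # hostname or garbage in the source field
        return False
    return any(addr in net for net in INTERNAL_NETS)

def decoy_visitors(log_text):
    """Map each external source IP to the set of days it touched a decoy path."""
    days = defaultdict(set)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(DECOY_PREFIXES) or is_internal(m["ip"]):
            continue
        days[m["ip"]].add(m["day"])
    return dict(days)

def triage(log_text):
    """Split decoy visitors into one-off and repeat sources."""
    result = {"single": [], "repeat": []}
    for ip, seen in sorted(decoy_visitors(log_text).items()):
        result["repeat" if len(seen) >= REPEAT_THRESHOLD else "single"].append(ip)
    return result

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

Because nothing legitimate links to the decoy, the rule needs no baseline of normal traffic: any external hit is a signal, and the day count only sets priority.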