[iwar] News
From: Fred Cohen
From: fc@all.net
To: iwar@egroups.com
Fri, 7 Jul 2000 06:47:28 -0700 (PDT)
fc Fri Jul 7 06:48:13 2000
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Fri, 07 Jul 2000 06:48:13 -0700 (PDT)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Fri Jul 7 13:48:06 2000)
X-From_: sentto-279987-443-962977651-fc=all.net@returns.onelist.com Fri Jul 7 08:47:26 2000
Received: from fk.egroups.com (fk.egroups.com [208.50.144.73]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id IAB26216 for ; Fri, 7 Jul 2000 08:47:26 -0500
X-eGroups-Return: sentto-279987-443-962977651-fc=all.net@returns.onelist.com
Received: from [10.1.10.35] by fk.egroups.com with NNFMP; 07 Jul 2000 13:47:30 -0000
Received: (qmail 5053 invoked from network); 7 Jul 2000 13:47:30 -0000
Received: from unknown (10.1.10.27) by m1.onelist.org with QMQP; 7 Jul 2000 13:47:30 -0000
Received: from unknown (HELO all.net) (24.1.84.100) by mta1 with SMTP; 7 Jul 2000 13:47:29 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id GAA11261; Fri, 7 Jul 2000 06:47:28 -0700
Message-Id: <200007071347.GAA11261@all.net>
To: iwar@egroups.com
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Fri, 7 Jul 2000 06:47:28 -0700 (PDT)
Reply-To: iwar@egroups.com
Subject: [iwar] News
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: *HOT:CYBERTERRORIST NOTICE/CONFIDENTIAL*
05 July 2000
SECTION A - OPEN SOURCE
Private Sector - ( Network News, 3 July) Network News reported that
Cisco has issued a fix for a serious router and switch vulnerability
that could let malicious users crash networks. The defect, which came
to light at the beginning of this month, is present in any image that
supports web management of routers from IOS release 11.1 and all later
releases. The company said the bug can be exploited to produce a Denial
of Service (DoS) attack. In a detailed description of the problem,
Cisco said any affected IOS device that is operating with the HTTP
server enabled, and is not protected against unauthorized connections,
can be forced to halt for a period of up to two minutes and then reload.
The vulnerability can be exercised repeatedly, potentially creating a
DoS attack, until the HTTP server is disabled, the router is protected
from the attack, or the software on the router is upgraded to an
unaffected release of IOS.
(Vnunet.com, 3 July) According to Vnunet.com, antivirus experts have
warned users to watch where they surf after the appearance of a virus
that can be caught just by visiting a web page. Kaspersky Labs today
issued a warning about an Internet worm called' Jer' that was placed on
a website within the Geocities community. The worm's author announced
the website - entitled "The 40 ways women fail in bed" - on several
Internet relay chat (IRC) channels, attracting more than 1000 visitors
on its first day. When users visited the site they would have received
a warning from their system asking whether they wanted to accept or
reject an unknown script - which unbeknown to them contained the worm
.Kaspersky said most users are likely to press "yes" to get rid of the
pop-up message, but in doing so would be infecting their PC. The worm's
payload is very similar to that of viruses such as the LoveBug and its
many variations in that it tries to email itself out to every address in
the users' Microsoft Outlook address book.
(Computer World, 3 July) Computer World reported that more than 1,000
Web sites were taken off-line or slowed over the past two weeks as a
result of problems in the Vienna, Va., data center of Internet hosting
firm Verio Inc. Verio officials confirmed Wednesday that about 1,200
Web sites - 235777773220f the 60,000 hosted at the Vienna facility -
were affected to varying degrees by the router problems, which began
June 23. The problem started when Verio did a routine update of
configuration tables on its Cisco Systems Inc. routers, said Doug
Schneider, Verio's president of Web services. "It took us a little
while to recognize that the configuration tables were causing (the
problem)," Schneider said, because the problem was intermittent.
Technicians fixed it by Wednesday, he said.
(Vnunet.com, 3 July) Vnunet.com reported that Symantec antivirus users
have been urged to check their software after two of the vendor's recent
updates caused problems for a number of users. According to Symantec,
several users who downloaded the company's virus definitions updates on
16 and 19 June have suffered what appears to be a system slow down or
freeze. Eric Chien, chief researcher at Symantec, said the problems
occurred when the company implemented a new script scanning engine for
detecting viruses. "Traditionally, the way we scanned for viruses was
to look at only certain parts of files. However, with the new VBS
infections, like the Love Bug, it is now necessary to look at the whole
file," he said. Device files appeared "infinite" to the virus scanning
software, which meant that the software was unable to finish scanning
for viruses and the PC would appear to freeze up, said Chien.
International - ( National Post,5 July) According to National Post,
people using privacy software developed by Zero-Knowledge Systems Inc.
of Montreal have been unable to access the FBI's Web site, prompting
conspiracy theorists to speculate that the agency is trying to restrict
use of the controversial privacy software. The FBI yesterday denied
such suggestions and Zero-Knowledge said the anomaly is a mystery.
Indeed, users of the company's Freedom 1.1 software were able to access
the sites of other law enforcement agencies, including those operated by
the National Security Agency, Central Intelligence Agency, U.S.
Department of Justice and the RCMP. Rex Tomb, head of the
Washington-based FBI's Internet media services unit, said yesterday
there has never been any attempt to prevent users of any kind of
software from accessing the FBI's Web site.
(FBIS, 5 July) Since the Korea Federation of Bank and Financial Labor
Unions (KFBU) has called on workers in charge of computer networks to
join a planned general strike on July 11, concern has risen over the
possibility of financial networks crashing. The government and banks
are setting up emergency plans to avoid a recurring nightmare; in June
1998, the financial payment system, ground to a halt after workers from
closed banks sabotaged the system. Instability in the financial system,
however, is not likely to be averted despite contingency plans because
authorities lack enough experienced workers. The government will
dispatch personnel, including temporary employees and retired or
dismissed workers, to computer centers in each bank and major
facilities. Banks and other financial institutions are trying to
dissuade union members in charge of computer networks from joining the
strike and have set up their own emergency teams. However, they predict
limited success at best.
(Newswire.com, 3 July) A recent hack into an Australian government GST
Web site shows the clear need for stricter regulations on placing
private information in online databases, according to one of Australia's
most infamous hackers. Skeeve Stevens, the man convicted of infamous
'Optik Surfer' hack, and the first Australian to be sent to prison for
crimes associated with hacking, argues that the incident demonstrates
the need for stricter controls on the way in which government bodies and
large organizations place data in online environments. Stevens was a
leading light in the 'Optik Surfer' incident, which saw credit card
details for 1,200 subscribers from ISP AusNet accessed via a standard
Net connection in 1995. After a protracted trial, Stevens was convicted
in 1998, and served an 18-month jail term. The 'Optik Surfer' attacks,
like last week's incident which saw 17,000 businesses emailed and warned
of a possible security violation on the GST Assist Web site, was
motivated by a desire to alert the public of possible dangers.
Military - (Government Computer News, 3 July) The Air Force has created
a Senior Executive Service position overseeing systems development and
funding--a systems czar of sorts who will report to the chief
information officer. This is the first step toward implementing a
standard information technology infrastructure, said Air Force Secretary
F. Whitten Peters at a recent Armed Forces Communications and
Electronics Association luncheon. The civilian position, which would
rank in the chain of command at the three-star general officer level,
"is full-time help for our part-time CIO," Peters said. He cited a
major Air Force command that has 1,400 servers at 40 bases, a single
wing with 47 separate LANs and a single base with 353 network gateways.
What's more, Peters said, the service recently discovered that one of
its product centers has 80,000 security holes.
U.S. Government - (Government Computer News, 3 July) According to
Government Computer News, the United States is doing "less than it
should" to protect its critical infrastructure from weapons of mass
disruption, Sen. Charles Schumer said recently and called for a $256
million increase in fiscal 2001 funding for systems security. So far,
the House has denied the request. Current funding is $1.75 billion.
"Cybersecurity is not really on anybody ('s) radar screen," Schumer
(D-N.Y.) said at a recent symposium on information security sponsored by
the Brookings Institution in Washington. The country is still mired in
a Cold War mentality of spending money on weapons while ignoring the
threat of hackers working for unfriendly nations or terrorists, said a
panel of systems experts.
(Federal Computer Week, 3 July) A new report on e-commerce and
cybercrime provides tips for governments to consider in order to prevent
security breaches. The white paper, "E-Commerce and Cyber Crime: New
Strategies for Managing the Risks of Exploitation," focuses on
businesses, but the issues are applicable to governments too. KPMG
Consulting LLC's Forensic and Litigation Services released the report.
Tom Talleur, managing director of that department and author of the
report, was the former advanced technology programs executive in charge
of the Network and Advanced Technology Crimes Division at NASA.
(CNN, 3 July) According to a CNN news report, the debate over whether
the United States faces imminent danger from cyberterrorist attacks took
a new turn last week when the top defender of the nation's key
information systems said "terrorism" may be too strong a word when
describing potential cyberthreats. Richard Clarke, national
co-ordinator for security, infrastructure protection and
counterterrorism at the National Security Council, said that while it
would be a "tough call" to tell the difference between an attack by
hackers and one launched by terrorists intent on disrupting national
security, the administration's cyberdefense programs are battling a
perception problem that stems from the misuse of the word terrorism.
Telecommunications - (Government Computer News, 3 July) Washington area
agencies will keep their telephone numbers and get lower prices under
the new Washington Interagency Telecommunications System 2001 contract
for local service, but they will have to change their ordering and
billing procedures, said officials of contractor Bell Atlantic Corp.
More than 170,000 telecommunications lines in the General Services
Administration's national capital region must shift to the new contract
by March. The Defense Department, a new customer, will double the size
of WITS 2001's user base. GSA estimated it could save federal users in
the Washington area $300 million on phone charges over eight years.
------------------------------------------------------------------------
Free Conference Calling with Firetalk!
Click Here!
http://click.egroups.com/1/5480/14/_/595019/_/962977651/
------------------------------------------------------------------------
------------------
http://all.net/