[iwar] [fc:Internet.Vulnerabilities.to.Cyberterrorism.Exposed]

From: Fred Cohen (fc@all.net)
Date: 2001-10-02 19:56:35


Internet Vulnerabilities to Cyberterrorism Exposed
 
FBI, Networking group say the Internet wouldn't be able to withstand a 
major attack.

Patrick Thibodeau, Computerworld Online
Monday, October 01, 2001

The FBI and the System Administration, Networking, and Security
Institute today released a list of the 20 top vulnerabilities of
Internet-connected systems and urged companies to close dangerous holes
while warning again of virulent cyberattacks to come. 

"The Internet is simply not ready because of these vulnerabilities;
we're not ready to withstand a major attack," said Alan Paller, the SANS
Institute director, at a press briefing today.  The research took on
added importance in the wake of the September 11 terrorist attacks on
the U.S. 

The list of vulnerabilities, jointly prepared by Bethesda,
Maryland-based SANS and the FBI's National Infrastructure Protection
Center and a team of approximately 50 corporate and academic security
experts, is more exhaustive than a similar list released last year that
limited itself to the top 10 problems. 

The NIPC, based at FBI headquarters, was formed in 1998 to handle threat
assessment, investigations, and responses to any attacks on critical
U.S. infrastructures. 

Citing the recent Code Red and Nimda worms, Paller said, "What many
people don't know is that a very small number of vulnerabilities are
used over and over in these attacks."

The top 20 list details vulnerabilities that are specific to Windows and
Unix-based systems, as well as problems that are common to any system,
such as no passwords or weak passwords, a large number of open ports,
nonexistent or incomplete logging, vulnerable Common Gateway Interface
programs, unprotected Windows networking shares, and information leakage
via null session (also known as anonymous log-on) connections, as well
as a number of other technical issues. 

But fixing these holes won't be enough to improve security at
Internet-connected systems, John Gilligan, the deputy CIO of the U.S. Air
Force and chairman of the Federal CIO Council's security committee, warned
at today's briefing. 

Software makers need "a new approach to the design and fielding of their
products," said Gilligan, who added that "the find and fixed patch race
is something that is really starting to drain our resources."

Gilligan said commercial software needs to meet higher security
standards, reinforced by a "contractual or legal expectation."

"We realize that this will cost the industry additional expenses in the
development and testing of software; we would gladly pay that cost
upfront in the purchase price rather than incur the cost ...  which is
enormous," he said. 

The NIPC, like many security experts, is predicting an increase in
cyberattacks related to terrorist activities.  Some experts have said
they believe that such an increase is already under way. 

Robert Gerber, chief of analysis and warning at the NIPC, said it was
"remarkable" that the Nimda worm "showed up a week to the day to the
hour after the events of September 11."

Gerber surmised that Nimda might have been created as someone's
"perverse desire to commemorate" the September 11 tragedy.  "But I won't
know until the FBI apprehends the person that did it," he said. 

------------------
http://all.net/ 

This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:53 PST