Interesting People mailing list archives
IP: US White House Hacked? (from RISKS)
From: David Farber <farber () central cis upenn edu>
Date: Sat, 2 Sep 1995 20:40:44 -0400
Date: 28 Aug 95 23:01:50 EDT From: David Kennedy <76702.3557 () compuserve com> Subject: US White House Hacked? [German Press Agency, 20 Aug 1995, Received in German through the Executive News Service of CompuServe. First pass machine translation by GlobaLink Power Translator v. 1.0; errors in translation by David M. Kennedy & Michel E. Kabay] German Hacker in White House Computer Annoys the Internet By Justus Demmer, German Press Agency Hamburg (German Press Agency) - Among those familiar with the Information Superhighway, there are certain rules of behavior: Netiquette. In the last week, German hackers have broken with Netiquette, offending some users of the global network of some 30 million computer users by sending a message accusing users of attempting to penetrate the US White House's computers. The alleged sender of these messages? President Bill Clinton. An article in the German Computer Magazine "c't," published in Hanover, broke the news. However the messages leave telltales of their German origin, which tipped off the Systems Administrator in the White House who in turn notified the German Computer Emergency Response Team, DFN-CERT. DFN-CERT functions as a kind of fire department for the Internet. They identified the "Clinton-Mails" as fakemail according to the magazine's article. DFN-CERT acted but withheld news of the attacks. [DMK: So apparently did the White House. Possibly one of the many Sendmail holes?] DFN-CERT staff member Uwe Ellerman said Internet users, and especially magazines, have a responsibility to acknowledge attacks. However many do not want to admit they were penetrated. Ellerman said that the press should report these matters. The magazine should make their own computers available for such silly tricks if they wish. However, explained c't editor Georg Schnurer, that has not been the case. He claimed the White House uses an old version of software for electronic mail handling which is obsolete. This program makes it possible to falsify mail. Many other System Administrators also use this older version, leaving the network vulnerable to similar attacks. [DMK: More pointers towards Sendmail. More pointers to why it should be acknowledged so that the clueless will check for Sendmail holes. Possibly confirming fact, the recent US CERT Sendmail Alert.] Ellerman and Schnurer do not agree whether public notice of the White House error was necessary or not, they do agree that to maintain integrity over their mail, users should encrypt their mail. David Kennedy / Vol.SysOp Natl Computer Security Assn Forum on CompuServe GO:NCSAFORUM M.E.Kabay,Ph.D. / Dir. Education, Natl Computer Security Assn (Carlisle, PA)
Current thread:
- IP: US White House Hacked? (from RISKS) David Farber (Sep 02)