[ISN] DoD Net Overhaul to Thwart Hackers.

From: cult hero (jerichoat_private)
Date: Thu May 06 1999 - 20:41:30 PDT

  • Next message: cult hero: "Re: [ISN] The Light That Cracks the Code"

    Forwarded From: "Jay D. Dyson" <jdysonat_private>
    
    
    -----BEGIN PGP SIGNED MESSAGE-----
    
    http://www.fcw.com/pubs/fcw/1999/0503/fcw-newsdodnet-5-3-99.html
    
    DOD net overhaul to thwart hackers
    
    BY BOB BREWIN (antennaat_private) 
    
    The Defense Department has started an overhaul of its global unclassified
    network to fight off the barrage of hacker attacks the department's
    systems suffer and to increase capacity to handle a huge rise in traffic
    to and from the Internet. 
    
    The Defense Information Systems Agency plans to redesign its
    Non-Classified Internet Protocol Router Network, DOD's primary entry into
    commercial World Wide Web sites, to take advantage of enhanced security
    measures and to improve overall performance. 
    
    The NIPRNET redesign, scheduled for completion in December with main
    network components slated for installation no later than June, will
    provide DOD with a network better designed to stave off hacker attacks
    that hit DOD systems at a rate of 250,000 a year, according to a DOD
    source briefed on the network plan.
    
    Tony Montemarano, chief of Defense Information Systems Network services
    for DISA, said the agency is well on its way with the NIPRNET upgrade. 
    "The equipment is purchased, and we are upgrading software loads," 
    Montemarano said. 
    
    He said that besides providing security, the NIPRNET upgrade also will
    provide "protection against denial-of-service attacks.... We want to be
    able to guarantee the availability of the network as well as provide
    additional security for the users." 
    
    DISA's plans include the filtering of what DISA called "notorious"
    protocols routinely exploited by hackers, according to briefing slides
    obtained by Federal Computer Week. 
    
    The protocols include the PostOffice Protocol (POP), which allows remote
    users to read e-mail stored on a central server; remote-access protocols,
    which allow users to read their e-mail from another system; and Packet
    Internet Groper (Ping), which hackers use to disable networks by
    overloading them with a command.
    
    According to the briefing slides, DISA plans to start filtering out these
    protocols by July. But the agency said it has not made any decision yet on
    which protocols to filter. 
    
    Montemarano declined to quantify the degree of security that the NIPRNET
    upgrade will provide, except to say, "It will be better...and performance
    will be improved considerably." 
    
    DISA is doubling the number of NIPRNET connections to the Internet because
    of the huge increase in traffic spurred by the development of the World
    Wide Web and the amount of information residing on Web sites outside
    NIPRNET, Montemarano said. "There is so much information out there our
    users want," he said.
    
    Increasing capacity also is a security measure. The inability of NIPRNET
    to handle the loads imposed by Web traffic without lags or delays had
    resulted in numerous military commands installing Internet "backdoors" on
    their systems. 
    
    DISA is looking to eliminate such backdoor connections. According to the
    DISA briefing, no unit or command will be allowed to connect a local- or
    wide-area network to NIPRNET until the network goes through a formal
    connection approval process. 
    
    Rear Adm. John Gauss, commander of the Space and Naval Warfare Systems
    Command, said he believes the NIPRNET redesign offers a better security
    alternative than the almost total retreat from the Internet advocated by
    Lt. Gen. William Campbell, the Army's director of information systems for
    command, control, communications and computers.
    
    "Campbell accurately addressed the threat," Gauss said, "but the thing I
    have to ponder is, [considering] the amount of electronic commerce we do
    with industry, is it viable just to disconnect from the Internet? What
    DISA is doing will protect DOD computing and still give us a viable means
    of communicating with industry." 
    
    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2
    
    iQCVAwUBNzG8d82OVDpaKXD9AQEz/QP+L8hIQckN2eMQa9X08GoZVFkQ6u5A1vjB
    6r6AklwKcBtnm+k1qbcPfT5H8U2ne+n4YG3q0aCv+TkuiSP+ie2ZLP9pBrUn9Qhg
    8TxeWeU1dW+/tnNd6VK6S+hu8j3d+KOmKnUZfC/cRM+cn5xEn/F0eakBpZguSBFl
    IEX3Fx11cpg=
    =RF1u
    -----END PGP SIGNATURE-----
    
    -o-
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Hacker News Network [www.hackernews.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:23:04 PDT