-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Monday, July 23, 2001 9:10 AM To: daily Subject: NIPC Daily Report 23 July 01 Significant Changes and Assessment - No significant changes. Private Sector - The Secure Shell community has been alerted to a potential root exploit in SSH Secure Shell 3.0.0 on Unix machines arising from a problem with password authentication to the sshd2 daemon. This vulnerability could potentially wreak havoc on accounts with password fields consisting of two or fewer characters allowing an attacker to exploit the bug by logging in to these accounts using any password -- even an empty password. Affected systems include: Red Hat Linux 6.1 thru 7.1, Solaris 2.6 thru 2.8, HP-UX 10.20, HP-UX 11.00, Caldera Linux 2.4, and Suse Linux 6.4 thru 7.0. A fixed version, SSH Secure Shell 3.0.1, is available for download at: ftp://ftp.ssh.com/pub/ssh. A patch for 3.0.0 source code is also available at this ftp site. (Source: SecurityWatch, 23 July) Government - U.S. Attorney General John Ashcroft announced the creation of 10 "specialized prosecutorial units" designed to help the federal government further crack down on Internet crime. Located in nine U.S. cities: Los Angeles, San Diego, Seattle, Brooklyn, New York City, Dallas, Boston, Atlanta, and Alexandria, Virginia. The Computer Hacking and Intellectual Property (CHIP) units will consist of special teams of attorneys trained to prosecute people on charges of computer intrusion, electronic copyright violations, fraud, and "other Internet crimes," Ashcroft said on 20 July. Ashcroft said "These new teams will prosecute vigorously those responsible for cybercrime, as a result we hope to reinforce the message to would-be criminals that there are no free passes in cyberspace. Crimes will be investigated and criminals will be prosecuted to the fullest extent of the law, the work of the CHIP units would help to erase the perception of lawlessness that computer crime creates." (Source: United Press International, 20 July) Retaliation against perceived network attackers has been a popular subject in the security community. The NIPC has included a reference to this activity in it's Highlights document, released on 15 July. The message is - Don't. "A counterattack against a system believed to be the source of an attack may violate state and/or federal laws pertaining to unauthorized access or disruption of computers and computer networks." In addition, should a retaliatory strike be carried out across international borders, further laws could be breached in the country of origin or destination. (Source: @Stake Security News Network, 20 July) International - A study commissioned by the Germany's Economics Ministry concluded German companies are inadequately equipped to protect themselves from Internet attacks. The report, seen by Handelsblatt, says that small and medium-sized businesses need to build up their own security systems to protect effectively against Internet attacks. The report's proposal were welcomed by both BITKOM, the German association for IT, telecommunications and new media industries, and DIHK, the German chamber of trade and industry. The two institutions called for the government to provide follow-on financing for a security system. The Economics Ministry study recommends the construction of a Computer Emergency Response Team, or CERT, for small and medium sized companies, which would be able to respond quickly to attacks on data systems. (Source: Dow Jones and Company, 17 July) Military - NTR Defacements - NTR U.S. SECTOR INFORMATION: Transportation - The Wall Street Journal reported on its web-site that a computer glitch allowed frequent fliers who logged onto United Airlines' Web site to look at other people's Mileage Plus account information for more than 12 hours. The users weren't able to see the name and address information of other account holders, nor were they able modify information in the accounts. However, the glitch did allow users to access the feature on the Web site that would enable someone to use the information on the screen to book award tickets. The problem came to the attention of frequent fliers on 19 July, when someone named "Neal" in Fort Lauderdale, Florida., alerted them in a message on the Flyertalk bulletin board. According to the article, Neal changed the date of his request only to see the Mileage Plus account of a stranger. Then, when he hit the back button on his browser, a second Mileage Plus account appeared. A spokeswoman for United told The Journal that the glitch occurred for a "very short period of time" and that the problem was fixed. (Source: Associated Press, 23 July) Emergency Services - NTR Electrical Power - NTR Telecommunications - NTR Banking and Finance - NTR Government Services - NTR Water Supply - NTR Gas and Oil Storage Distribution - NTR Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI.
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:23:57 PDT