-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Friday, August 24, 2001 9:12 AM Subject: 24 August 2001 NIPC Daily Report The NIPC Daily Report Prepared by WWU 24 August 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC of the FBI. Significant Changes and Assessment - No significant changes Private Sector - Hoping to reduce the impact of hacker attacks such as the "Code Red" worm, Microsoft Corp. released a security tool on 23 August, designed to help less technically sophisticated users eliminate vulnerabilities in their servers. The free, downloadable security tool helps users disable functions and settings that could leave their servers open to an attack, said Scott Culp, Microsoft's security program manager. These include Internet printing, advanced search functions, and certain scripting technologies that enable viruses and worms to spread. The tool is designed for a part of the Windows NT and Windows 2000 operating systems known as Internet Information Services that must be installed to publish Web pages. (Source: Associated Press, 23 August) World of Hell (WoH) crackers hacked the Web site of the Association for Computing Machinery on 24 August. The site's homepage was replaced with the following defacement: "Owned by Messiah?X_ from WoH." The Safemode defacement monitoring site said acm.org was running Netscape's Enterprise Web server software on IBM's AIX Unix OS. The hack is thought to have been made through an open telnet or FTP remote access port. WoH members said they formed their hacking group earlier this year to take over prominent sites. ACM boasts a global membership of more than 80,000 IT professionals and claims to be the largest and longest?established computing society. (Source: vnunet.com, 24 August) Security experts and vendors of Linux and other Unix?like operating systems are urging network administrators to replace some versions of Sendmail, because the most recent open?source versions can provide a doorway for local hackers. Since malicious individuals would need to gain command?line access to a server in order to exploit the vulnerability, the problem is greatest for organizations such as Internet Service Providers or universities that regularly provide shell access to users. The Security Focus Threat Analysis Team, reported late last week that hackers with access to run Sendmail from the command line of vulnerable systems could possibly gain administrator access to the server by supplying specially crafted commands. (Source: Newsbytes, 23 August) IT managers and security experts have expressed alarm at a new hacking tool, called AirSnort, for accessing supposedly secure wireless local area networks (WLANs). The tool, freely available on the Internet, can recover encryption keys used to protect data sent over wireless networks by exploiting flaws in the Wired Equivalent Privacy (WEP) security protocol. AirSnort passively monitors the transmissions of the WLAN and, when sufficient packets of data between 100MB and 1GB in size have been gathered, is able to compute the encryption password. (Source: ZDNet UK, 24 August) International - One of the UK's leading crime-fighting units is heading for a row with the ISP industry after it accused ISPs of hindering the fight against cyber-crime by deleting vital customer data from their systems. Last week, representatives of the National Criminal Investigation Service (NCIS) held off-the-record briefings with a number of journalists in a bid to step up pressure on ISPs to keep more customer data. NCIS's actions have angered the ISP community, according to the ISP Association, because a number of ISPs already voluntarily keep customers data to give to law enforcement agencies such as the police and NCIS. (Source: New Media Age, 23 August) Government - The National Institute of Standards and Technology (NIST) will bring out the National Software Reference Library next month for federal law enforcement agencies. The software can capture in seconds up to 100,000 files so investigators do not have to open every single file on a particular disk when examining digital evidence. "Sometimes the crime isn't a computer crime, but the records are in the computer:' said Barbara Guttman, a researcher in NIST's Information Technology Laboratory. "If you're running your illegal gambling operations, you might store your books on the computer, and law enforcement wants to find those files." The software gives investigators a snapshot view of the files and categorizes them based on relevant factors. The FBI and Defense and Treasury departments already have signed up for $90 per year subscriptions. (Source: Government Computer News, 23 August) Military - NTR U.S. SECTOR INFORMATION: Water Supply - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR Emergency Services - NTR Electrical Power - NTR Telecommunications - NTR Banking and Finance - NTR Transportation - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:24:21 PDT