-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Thursday, November 29, 2001 8:39 AM To: daily Subject: NIPC Daily Report, 29 November 2001 NIPC Daily Report 29 November 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - The National Infrastructure Protection Center (NIPC) issued Advisory 01-027 "Significant Vulnerability Identified In Common Linux File Transport Protocol Program." The NIPC has learned about a vulnerability in versions of the Washington University File Transport Protocol Daemon (WU-FTPD) that could lead to an attacker gaining surreptitious access to sensitive information. For those systems using the WU-FTPD service for which a patch is not yet available, it is suggested that you either disable FTP by blocking TCP port 21 or, in those instances where this is not an option, disable anonymous logon. Additional technical information, including a list of affected versions can be found at the following Web site: http://aris.securityfocus.com/alerts/wuftpd/. Private Sector - NTR. International - NTR. Government - On 27 November, Rep. Jeff Flake ( R-AZ) introduced legislation which establish a centralized Web site for people to share tips on possible terrorist activity with law enforcement, which would be called www.911.gov. "We need one simple, easy-to-find Web site that will provide the public with critical information about homeland security, and also permit concerned citizens to provide tips to the proper authorities about suspicious activities." The newly established Office of Homeland Security would be responsible for maintaining the site. (Source: Newsbytes, 28 November) According to Mark Forman, associate director for information technology and electronic government at the Office of Management and Budget (OMB), federal agencies will have to reallocate funds to comply with a new administrative mandate to identify critical information technology systems and other assets this budget year. OMB is directing large agencies to participate in a program that identifies agency assets that are vital to the nation's physical and economic security. In addition to IT systems, employees need to operate the systems and buildings that house those systems which are critical assets that must be identified and protected, said John Tritak, director of the Critical Infrastructure Assurance Office (CIAO). The CIAO uses a template to identify each agency's critical assets, the networks on which those assets rely, and the underlying infrastructures that support the networks. (Source: Federal Times, 28 November) Military - NTR U.S. SECTOR INFORMATION: Water Supply - NTR Transportation - NTR Gas and Oil Storage Distribution - NTR Telecommunications - NTR Emergency Services - NTR Banking and Finance - NTR Government Services - NTR Electrical Power - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:35:52 PDT