-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Wednesday, March 06, 2002 5:39 AM To: Daily Distribution Subject: NIPC Daily Report 6 March 02 NIPC Daily Report 06 March 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures. Bill seeks dialogue between Feds, 'First Responders'. The House Intelligence Terrorism and Homeland Security Subcommittee has introduced legislation that seeks to open a pipeline of communication between certain federal agencies and the "first responders" to emergencies. The legislation would require federal, state, and local emergency personnel to share information. The pending bill calls for using technology to declassify data and share information through unclassified networks such as the National Law Enforcement Telecommunications System. Under the law, agencies would have six months to develop the procedures for sharing information. (Govexec, 1 Mar) 311 lightens load for swamped 911 centers. The Justice Department, as part of its community-policing efforts, has allocated $5.5 million to help re-establish the toll-free 311 telephone number for non-emergency calls to police and other government offices. After the events on 11 September, phone lines in many cities were besieged by callers worried about terrorist attacks and anthrax scares. The 311 call centers, initially reserved nationwide in 1997 for non-emergency calls, usually operate 24 hours a day. The centers take requests for service in their jurisdictions and often dispatch help. (USA TODAY, 5 Mar) Drug dealer's COMSEC rattles INCB. The International Narcotics Control Board (INCB) says drug gangs are using secure Internet communications and launching cyber attacks on law enforcement agencies. The gangs are storing information such as bank details, contact numbers, landing-strip coordinates, and drug manufacturing recipes in encrypted form on computers and pocket organizers. The gangs apparently are highly sophisticated communicators, protecting their chat rooms with strong firewalls and sophisticated encryption technology. A 30-second encrypted transmission is reported to have taken best experts 24 hours to crack--too slow to be of value against the gang's tactical operations. (The Guardian UK, 2 Mar) E-mail worm warning. "Klez.E" is a mass-mailing e-mail worm that exploits vulnerability in Microsoft Outlook and Outlook Express. Its destructive payload attempts to disable anti-virus products on the 6th day of every month except January and July. "Klez.E" also attempts to overwrite files that have extensions .txt, .htm, .html, wab, .doc, .xls, .jpg, .cpp, .c, .pas, .mpg, .mpeg, .bak or .mp3. A patch is available at http://ww.microsoft.com/technet/treeview/default.asp?url=/technet/security/b ulletin/MS01?020. (Newsbytes, 20 March) FedCIRC/CC advisory. The Federal Computer Incident Response Center (FedCIRC) and the Computer Emergency Response Team/Coordinator Center (CERT/CC) issued joint FedCIRC-CERT/CC Advisory FA-2002-06/CA-2002-06 on 4 March, regarding vulnerabilities that have been discovered in several implementations of the Remote Authentication Dial In User Service (RADIUS) server. These vulnerabilities can overflow the buffer in the function that calculates message digests, making it possible to overflow the buffer with shared secret data. This condition could lead to a denial of service against the server. See the advisory is at http://www2.fedcirc.gov/advisories/FA-2002-06.html. (FedCIRC, 4 Mar) Microsoft advisory MS02-013. The version of Microsoft VM that ships with Internet Explorer version 4.x and 5.x. contains a flaw affecting how Java requests for proxy resources are handled. A malicious Java applet could exploit this flaw to re-direct web traffic once it has left the proxy server to a destination of the attacker's choice. See http://www.microsoft.com/technet/security/bulletin/ms02-013.asp for the full-text advisory and patch. (Microsoft, 4 Mar)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:39:09 PDT