Internet is safe despite WorldCom woes. The bankruptcy filing by WorldCom Inc., which transmits half of the world's Internet traffic over its backbone network, does not threaten to slow the Internet and is unlikely to prompt widespread outages, experts said on 22 July. The second largest US long-distance telephone and data services company filed for Chapter 11 bankruptcy protection on 21 July. The bankruptcy filing will have almost no effect whatsoever on the Internet, according to experts at Matrix NetSystems Inc., which measures Internet performance. If the Chapter 11 reorganization does not succeed for WorldCom, its assets will be sold or the US government may step in to ensure that there is no impact on the network. (Reuters, 22 Jul) BT duff DNS makes UK Web sites invisible. Surfers browsing the Internet using BT connections are having difficulties accessing Web sites because of problems with some of the communication providers' domain name servers (DNS). The problem, which has been ongoing for at least the last two weeks, has led to a steady trickle of complaints to Web hosting companies from clients complaining that their domains are down. In fact, their sites are up and running, as attempts to connect through other Internet service providers illustrates. Although this problem does not affect all of the major DNS servers at BT, enough are being affected to decrease Internet traffic to major British based websites and portals. (The Register, 23 Jul) WWU Comment: Although this is the result of an internal mistake at a British communications provider, this type of error is one of the means in a cyber attack, rendering the Internet useless to users. DNS is the means by which users do not have to remember the actual IP address of distant end servers and allows a proper naming convention assignment to each distant end. In this case, the web servers and clients are functional, but the means to identify each has been altered to disallow access from a client to the distant end. A corruption or disturbance of level domain name servers in the US would produce the same results. Scripting flaw threatens Web servers. A flaw found in newer versions of the PHP: Hypertext Preprocessor (PHP) Web server scripting language could allow attackers to crash, and in some cases control, computers over the Internet. The vulnerability affects versions 4.2.0 and 4.2.1 of PHP, according to the PHP Group. The flaw occurs because of a problem in the way PHP handles the memory allocated for data recovered from customer forms on Web pages. Such data is known as POST data, after the HTTP command name, and could be formatted by an attacker to compromise the Web server. The flaw is the second major security hole to affect PHP this year. In February 2002, another vulnerability that affected more versions of the scripting server and that could have led to a greater number of compromises was announced. The PHP Group has released a new version, PHP 4.2.2, that corrects the flaw. (ZDNet News, 22 Jul) Bush approves Nevada nuke waste site. President Bush formally approved Nevada's Yucca Mountain as the nation's high-level nuclear waste dump on 23 July. President Bush hopes the move will pave the way for more nuclear energy production. It was included in the White House's long-term national energy strategy, released in 2001, and Bush endorsed the project in February. The Department of Energy still needs a license from the Nuclear Regulatory Commission, which could take up to five years. Nevada officials, who fought against the dump 90 miles northwest of Las Vegas, continued their pledge to block nuclear waste site through lawsuits; currently the state has five pending. Nevada senators tried for months to rally their colleagues against the Yucca dump, hoping concerns about thousands of waste shipments crossing 43 states would sway some lawmakers. (wire.ap.org, 23 Jul) _______________________________________________ Infragard_unsecured mailing list Infragard_unsecured@private http://listserv.leo.gov/mailman/listinfo/infragard_unsecured
This archive was generated by hypermail 2b30 : Wed Jul 24 2002 - 10:49:38 PDT