For anyone interested, this text was excerpted from the Computer Systems Laboratory (CSL) Bulletin for July 1993, entitled, "Connecting to the Internet: Security Considerations." Ironically, one paragraph specifically states the admitted security concerns for unencrypted traffic: "Ease of Spying and Spoofing: The vast majority of Internet traffic is unencrypted and therefore easily readable. As a result, e-mail, passwords, and file transfers can be monitored and captured using readily available software. Intruders have been known to monitor connections to well-known Internet sites for the purpose of gaining information that would allow them to crack security or to steal valuable information. This information sometimes permits intruders to spoof legitimate connections, i.e., trick system security into permitting normally disallowed network connections." Surprisingly, the article also acknowledges the mind-boggling growth of the Internet in a statement that says, "Consequently, the Internet is now growing faster than any telecommunications system thus far, including the telephone system." With that in mind, the "key-ecrow" system is, in my opinion, just the beginning in a systemmatic approach which I believe the NSA and the Justice Department will attempt to entrench in their ever-elusive "War on Drugs" (WoD), etc. This may become even more sinister in that the RICO statutes may empower them with the ability to effectively eavesdrop at will, monitoring voice and data communications in the shadows. This file is on the NIST's publicly available system as JUL93BLT.TXT. Other reports, announcements and bulletins are available on their system which may be of interest to you. Information about how to connect to the system is included below: "NIST maintains a computer security bulletin board system (BBS) and Internet-accessible site for computer security information open to the public at all times. These resources provide information on computer security publications, CSL Bulletins, alert notices, information about viruses and anti-virus tools, a security events calendar, and sources for more information. To access the BBS, you need a computer with communications capability and a modem. For modems at 2400 bits per second (BPS) or less, dial (301) 948-5717. For 9600 BPS, dial (301) 948-5140. Modem settings for all speeds are 8 data bits, no parity, 1 stop bit. Internet users with telnet or ftp capability may telnet to the BBS at cs-bbs.nist.gov (129.6.54.30). To download files, users need to use ftp as follows: ftp to csrc.nist.gov (129.6.54.11), log into account anonymous, use your Internet address as the password, and locate files in directory pub; an index of all files is available for download. For users with Internet-accessible e-mail capability, send e-mail to docserver@csrc.nist.gov with the following message: send filename, where filename is the name of the file you wish to retrieve. send index will return an index of available files." Paul Ferguson | "Government, even in its best state, Network Integrator | is but a necessary evil; in its worst Centreville, Virginia USA | state, an intolerable one." fergp@sytex.com | - Thomas Paine, Common Sense Type bits/keyID Date User ID pub 1024/1CC04D 1993/03/15 Paul Ferguson <fergp@sytex.com> Key fingerprint = EE D2 93 7D 04 6D C6 05 AC 36 AD 9D 8E 4F 41 58
participants (1)
-
fergp@sytex.com