Rumours of NSA breakin
Hi, I've been hearing rumours of an alledged compromise of the NSA Web server but no hard evidence. The claim made is that several Mb of files were downloaded from the server and posted to the "Internet". I can't see it in sci.crypt or alt.conspiracy though. I am more than a little skeptical of the claim, unless the files in question were not considered sensitive - and there is no reason to believe that the NSA would be keeing anything secret on their Web server. Banks do not keep money stuffed under mattresses and the NSA does not keep secrets on Internet servers. The origin of the rumour may be an "observation" that the DOJ hack was on the 19th August, the CIA one on the 19th of September. It is no secret that several sites were watching out for attacks on the 19th October. Has anyone heard anything more than a rumour of this alledged event? Phill
On Tue, 29 Oct 1996 hallam@ai.mit.edu wrote:
Hi,
I've been hearing rumours of an alledged compromise of the NSA Web server but no hard evidence. The claim made is that several Mb of files were downloaded from the server and posted to the "Internet". I can't see it in sci.crypt or alt.conspiracy though.
I have not heard this one, though every damn mailing list I'm on has people posting messages about "web servers being hacked" on a daily basis. Most of these have turned out to be "spoof" sites, like "nasa.com" instead of "nasa.gov." Big deal. Some nut even started posting the url to his "hacked nasa.com mirror site." Free advertising for a group that registers piles of domain names, and re-sells them. I've set up a number of networks for gubmint agencies, and all but one of these put their web servers on a completely different network with its own feed to a commercial ISP, and no other link to any internal agency network. If you look at the address range assigned to the web server, you'll see that it falls within a commercial CIDR block and isn't part of the gubmint agency's usual range. Many use "co-locate" sites AT an ISP, and contract out the web server - it isn't on the agency network OR the agency premesis. If anyone does compromise the site, they won't get any proprietary info, can't use the systems to attack other "trusted" systems, etc. About all they do is prove the agency hired a less-than-thorough contractor to run the web system. I would not be too concerned about threats to "National Security" regarding this alleged "incident." In my experience, most of the agencies putting up web servers are fairly security aware and capable. The holes are generally elsewhere, on legacy systems set up ages ago, located at under-staffed locations still using systems installed and maintained by someone who retired (or died) years ago. Just my $.02. -r.w.
I've been hearing rumours of an alledged compromise of the NSA Web server but no hard evidence. The claim made is that several Mb of files were downloaded from the server and posted to the "Internet". I can't see it in sci.crypt or alt.conspiracy though.
While it is true the NSA has some machines directly connected to the Internet (most are on private internal TCP/IP networks), and some even contain classified information, their WWW server isn't one of them. So, it is doubtful anything other than intended information was downloaded from it.
participants (3)
-
hallam@ai.mit.edu -
michael.tighe@Central.Sun.COM -
Rabid Wombat