|
CIAC Advisory number A- 23
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
________________________________________________________________________
THE COMPUTER INCIDENT ADVISORY CAPABILITY
CIAC
ADVISORY NOTICE
________________________________________________________________________
New Internet Attacks
April 11, 1990, 1000 PST Number A-23
The last rash of attacks on machines connected to the Internet subsided
last week with the arrest of three individuals believed to have
intruded into numerous systems. However, a new wave of attacks on
both UNIX and VMS systems has begun. CIAC strongly advises that you
take the following precautions:
1. Poor passwords continue to provide the major avenues of
attack. Check for unpassworded accounts, accounts in which the account
name and password are identical, and system accounts frequently used by
intruders. If you do not currently have a password checking tool,
please call CIAC.
2. Ensure that frequently exploited UNIX vulnerabilities are
closed, especially the following UNIX vulnerabilities, all of which are
described in previous CIAC bulletins:
/dev/mem
tftp/rwalld
ftp
restore/dump
rcp/rdist
rcp
DECODE alias
sendmail
finger
pre-configured host.equiv file
3. Be careful to not leave files or codes (including copies of
security-related tools, source listings and/or executable binaries of
malicious code, etc.) which you do not want to fall into hands of
intruders on machines connected to the Internet. During the current
wave of Internet attacks, sensitive files and codes have been stolen
from user directories, even when the file protections would normally
not allow access to the information. Don't let this happen to you!
4. CIAC recommends that you install a network monitor to assure
that all connections from external sites are authorized. (Such a
monitor may, however, require a dedicated system, significant disk
space, and considerable effort on the part of knowledgeable technical
personnel.) For assistance in setting up such a scheme, please call
CIAC.
For additional information or assistance, please contact CIAC:
Eugene Schultz
(415) 422-8193 or (FTS) 532-8193
FAX: (415) 423-0913 or (415) 422-4294
CIAC's 24-hour emergency hot-line number is (415) 971-9384.
FELIX, CIAC's bulletin board service (BBS) can be accessed at 1200 or
2400 baud at (415) 423-4753 or (FTS) 543-4753. (9600 baud access can
be obtained from Lawrence Berkeley and Lawrence Livermore Laboratories
at 423-9885.) The notices listed in 2. above can be obtained from
this bulletin board.
Neither the United States Government nor the University of California
nor any of their employees, makes any warranty, expressed or implied,
or assumes any legal liability or responsibility for the accuracy,
completeness, or usefulness of any information, product, or process
disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products,
process, or service by trade name, trademark manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation, or favoring by the United States Government or the
University of California. The views and opinions of authors expressed
herein do not necessarily state or reflect those of the United States
Government nor the University of California, and shall not be used for
advertising or product endorsement purposes.
|
|
