ASSOCIATES (vol. 4, no. 3, March 1998) - associates.ucr.edu
*INFO FROM THE SUPERHIGHWAY
COMPUTER SECURITY AND THE LIBRARY*
by
Linda Putnam
Documents Department
Florida State University
lputnam@mailer.fsu.edu

I became very interested in this topic when I found out that
someone has been breaking into the Tallahassee Freenet System. For
those of you who are unaware of it, the Tallahassee Freenet was
started by the Leon County Public Library. Even though the physical
location of the system has changed, there is a great deal of input and
cooperation between the Freenet staff and the Public Library staff.

The break-in was discovered when the Director of the Tallahassee
Freenet tried to log on to the system and was kicked out. During the
search for how and why this happened, the volunteer "techies" found
that someone on the system had broken in and was systematically
deleting files from the system. You can imagine (maybe you can't)
the upset and frustration this caused. This hacker was having a
wonderful time deleting files all over the place.

This happened on February 16, 1998 and the attempt to disrupt
the use of the system was very successful. Tallahassee Freenet had to
shut down for several days to clean up and restore files. Thousands
of users of the Tallahassee Freenet lost home directories, system
files and most of their messages whether they were saved or unsaved,
read or unread. No one knows the actual total of lost messages and
destroyed data.

You can imagine how everyone felt when they had to take the
system off-line to kick the hacker out. This was the third in a
series of break-ins by what is assumed to be the same hacker.
Damage was done all three times but the February 16th break-in was
the worst. During the first break-in, he downloaded all of the
passwords causing everyone using the system to have to change their
passwords. That time the system stayed off-line for several days
until security could be put into place which would hopefully keep
the hacker out of the system. Unfortunately, hackers know more
ways to break into a system than System Administrators have to protect
their systems.

Investigation has shown that this same hacker has entered
computers from Florida State University as well as some from the State
of Florida. Tracing a hacker is a very complicated process, so
investigators have only traced this one as far as Europe. Officials
are closing in, but you can imagine how quiet they are keeping most of
their search information because they want to be able to prosecute
this hacker when he or she is finally traced.

This is only one of the recent break-ins among computer systems
in the United States and around the world. If you have been following
the news, you have heard of the break-ins at the Pentagon, the CIA,
and NASA. One prankster changed the home page of the CIA Web to a
pornographic picture. It was quickly discovered and fixed. It took a
little longer to trace the hacker. This particular hacker, from
Japan, has been training other hackers, and some of these "trainees"
have given interviews about what they consider to be their sport.
Anyone interested in reading one of the interviews can find it at
http://www.antionline.com/PentagonHacker/. The excuse used by the
hacker who was interviewed to justify his actions was that the
hackers are plugging holes in the system. BUT...they are also
creating back doors so that they or anyone else who figures out the
password can get back in. You may want to read this article as the
hacker says that if the U.S. takes action against hackers, they
will start a campaign of destruction against U.S. computer systems.

As you can see, hacking is a problem for System Administrators
everywhere, whether at a local level where hackers are having fun
breaking into a LAN (Local Area Network), stretching their skills by
breaking into a system like Tallahassee Freenet, or becoming a real
"pro" by breaking into one of the federal databases. Administrators
need to be aware of what is happening in the field and what they can
do about it.

Listed below are some of the sites which I have found which hold
good information about protecting your computer system. Nothing is
foolproof because as soon as the "techies" find a way to block them,
the "hackers" find a way around them...but these things help.

http://www.research.att.com/
An AT&T Bell Laboratories Research World-Wide Web Server
http://www.checkpoint.com/
CheckPoint Software Technologies Ltd.: Home of FireWall-1
http://www.telstra.com.au/info/security.html
Computer and Network Security Reference Index
http://www.csl.sri.com
SRI Computer Science Laboratory
http://www.raptor.com
Raptor Application Firewall for Network Security
http://www.greatcircle.com
Great Circle Associates Home Page
http://www.tis.com
Trusted Information Systems Home Page
http://www.tezcat.com/web/security/security_top_level.html
Network/Computer Security Technology
http://www.netpart.com/
NetPartners Home Page
http://www.ASG.unb.ca/
ASG World Wide Web HomePage
ORGANIZATIONS
http://www.cs.purdue.edu/coast/coast.html
The COAST Project and Laboratory
http://csrc.ncsl.nist.gov
NIST Computer Security Resource Clearinghouse
http://first.org
Forum of Incident Response & Security Teams
http://www.geek-girl.com/ids
Intrusion Detection Systems (IDS) Archives by thread
http://www.lerc.nasa.gov/Unix_Team/Dist_Computing_Security.html
Distributed Computing and Network Security
http://www.alw.nih.gov/Security/
General Computer Security Information
http://catless.ncl.ac.uk/Risks
RISKS-LIST: RISKS-FORUM Digest
http://nii-server.isi.edu/gost-group/
Global Operating Systems Technology Group
http://www.cs.ruu.nl/cert-uu/
CERT-UU Computer Emergency Response Team Home Page
http://www-ns.rutgers.edu/www-security/
Rutgers WWW-Security Index page
PEOPLE
http://www.win.tue.nl/win/math/bs/wietse/
Wietse's Home page
ftp://ftp.win.tue.nl/pub/security/index.html
Wietse's collection of tools and papers
http://www.deter.com/unix/
Matt's Unix Security Page
http://www.access.digex.net/~bdboyle/firewall.vendor.html
Commercial Firewalls and Related FW Products
MISC.
http://www.geek-girl.com/bugtraq/
Bugtraq Archives by thread
http://www.ensta.fr/internet/unix/sys_admin
System administration, system monitoring and network monitoring.
http://www.alw.nih.gov/Security/security.html
Unix Computer Security Information.