ASSOCIATES (vol. 4, no. 3, March 1998) - associates.ucr.edu


                          *INFO FROM THE SUPERHIGHWAY
                       COMPUTER SECURITY AND THE LIBRARY*

                                     by

                                Linda Putnam
                            Documents Department
                          Florida State University
                           lputnam@mailer.fsu.edu

	I became very interested in this topic when I found out that 
someone has been breaking into the Tallahassee Freenet System.  For 
those of you who are unaware of it, the Tallahassee Freenet was 
started by the Leon County Public Library.  Even though the physical 
location of the system has changed, there is a great deal of input and 
cooperation between the Freenet staff and the Public Library staff. 

	The break-in was discovered when the Director of the Tallahassee
Freenet tried to log on to the system and was kicked out. During the 
search for how and why this happened, the volunteer "techies" found 
that someone on the system had broken in and was systematically 
deleting files from the system.  You can imagine (maybe you can't) 
the upset and frustration this caused.  This hacker was having a 
wonderful time deleting files all over the place.  

	This happened on February 16, 1998 and the attempt to disrupt 
the use of the system was very successful.  Tallahassee Freenet had to
shut down for several days to clean up and restore files.  Thousands 
of users of the Tallahassee Freenet lost home directories, system 
files and most of their messages whether they were saved or unsaved, 
read or unread.  No one knows the actual total of lost messages and 
destroyed data. 

	You can imagine how everyone felt when they had to take the 
system off-line to kick the hacker out.  This was the third in a 
series of break-ins by what is assumed to be the same hacker.  
Damage was done all three times but the February 16th break-in was 
the worst.  During the first break-in, he downloaded all of the 
passwords causing everyone using the system to have to change their 
passwords.  That time the system stayed off-line for several days 
until security could be put into place which would hopefully keep 
the hacker out of the system.  Unfortunately, hackers know more 
ways to break into a system than System Administrators have to protect 
their systems.

	Investigation has shown that this same hacker has entered 
computers from Florida State University as well as some from the State
of Florida.  Tracing a hacker is a very complicated process, so 
investigators have only traced this one as far as Europe.  Officials 
are closing in, but you can imagine how quiet they are keeping most of
their search information because they want to be able to prosecute 
this hacker when he or she is finally traced.

	This is only one of the recent break-ins among computer systems 
in the United States and around the world.  If you have been following
the news, you have heard of the break-ins at the Pentagon, the CIA, 
and NASA.  One prankster changed the home page of the CIA Web to a 
pornographic picture.  It was quickly discovered and fixed.  It took a
little longer to trace the hacker.   This particular hacker, from 
Japan, has been training other hackers, and some of these "trainees" 
have given interviews about what they consider to be their sport.  
Anyone interested in reading one of the interviews can find it at
http://www.antionline.com/PentagonHacker/.  The excuse used by the 
hacker who was interviewed to justify his actions was that the 
hackers are plugging holes in the system.  BUT...they are also 
creating back doors so that they or anyone else who figures out the 
password can get back in.  You may want to read this article as the 
hacker says that if the U.S. takes action against hackers, they
will start a campaign of destruction against U.S. computer systems. 

	As you can see, hacking is a problem for System Administrators
everywhere, whether at a local level where hackers are having fun 
breaking into a LAN (Local Area Network), stretching their skills by 
breaking into a system like Tallahassee Freenet, or becoming a real 
"pro" by breaking into one of the federal databases.  Administrators 
need to be aware of what is happening in the field and what they can 
do about it.

	Listed below are some of the sites which I have found which hold
good information about protecting your computer system.  Nothing is 
foolproof because as soon as the "techies" find a way to block them, 
the "hackers" find a way around them...but these things help.


http://www.research.att.com/
An AT&T Bell Laboratories Research World-Wide Web Server

http://www.checkpoint.com/
CheckPoint Software Technologies Ltd.: Home of FireWall-1

http://www.telstra.com.au/info/security.html
Computer and Network Security Reference Index

http://www.csl.sri.com
SRI Computer Science Laboratory

http://www.raptor.com
Raptor Application Firewall for Network Security

http://www.greatcircle.com
Great Circle Associates Home Page

http://www.tis.com
Trusted Information Systems Home Page

http://www.tezcat.com/web/security/security_top_level.html
Network/Computer Security Technology

http://www.netpart.com/
NetPartners Home Page

http://www.ASG.unb.ca/
ASG World Wide Web HomePage

Organizations

http://www.cs.purdue.edu/coast/coast.html
The COAST Project and Laboratory

http://csrc.ncsl.nist.gov
NIST Computer Security Resource Clearinghouse

http://first.org
Forum of Incident Response & Security Teams

http://www.geek-girl.com/ids
Intrusion Detection Systems (IDS) Archives by thread

http://www.lerc.nasa.gov/Unix_Team/Dist_Computing_Security.html
Distributed Computing and Network Security

http://www.alw.nih.gov/Security/
General Computer Security Information

http://catless.ncl.ac.uk/Risks
RISKS-LIST: RISKS-FORUM Digest

http://nii-server.isi.edu/gost-group/
Global Operating Systems Technology Group

http://www.cs.ruu.nl/cert-uu/
CERT-UU Computer Emergency Response Team Home Page

http://www-ns.rutgers.edu/www-security/
Rutgers WWW-Security Index page

People

http://www.win.tue.nl/win/math/bs/wietse/
Wietse's Home page

ftp://ftp.win.tue.nl/pub/security/index.html
Wietse's collection of tools and papers

http://www.deter.com/unix/
Matt's Unix Security Page

http://www.access.digex.net/~bdboyle/firewall.vendor.html
Commercial Firewalls and Related FW Products

Misc.

http://www.geek-girl.com/bugtraq/
Bugtraq Archives by thread

http://www.ensta.fr/internet/unix/sys_admin
System administration, system monitoring and network monitoring.

http://www.alw.nih.gov/Security/security.html
Unix Computer Security Information.