ASSOCIATES (vol. 4, no. 3, March 1998) -

Table of Contents

                          *INFO FROM THE SUPERHIGHWAY


                                Linda Putnam
                            Documents Department
                          Florida State University

	I became very interested in this topic when I found out that 
someone has been breaking into the Tallahassee Freenet System.  For 
those of you who are unaware of it, the Tallahassee Freenet was 
started by the Leon County Public Library.  Even though the physical 
location of the system has changed, there is a great deal of input and 
cooperation between the Freenet staff and the Public Library staff. 

	The break-in was discovered when the Director of the Tallahassee
Freenet tried to log on to the system and was kicked out. During the 
search for how and why this happened, the volunteer "techies" found 
that someone on the system had broken in and was systematically 
deleting files from the system.  You can imagine (maybe you can't) 
the upset and frustration this caused.  This hacker was having a 
wonderful time deleting files all over the place.  

	This happened on February 16, 1998 and the attempt to disrupt 
the use of the system was very successful.  Tallahassee Freenet had to
shut down for several days to clean up and restore files.  Thousands 
of users of the Tallahassee Freenet lost home directories, system 
files and most of their messages whether they were saved or unsaved, 
read or unread.  No one knows the actual total of lost messages and 
destroyed data. 

	You can imagine how everyone felt when they had to take the 
system off-line to kick the hacker out.  This was the third in a 
series of break-ins by what is assumed to be the same hacker.  
Damage was done all three times but the February 16th break-in was 
the worst.  During the first break-in, he downloaded all of the 
passwords causing everyone using the system to have to change their 
passwords.  That time the system stayed off-line for several days 
until security could be put into place which would hopefully keep 
the hacker out of the system.  Unfortunately, hackers know more 
ways to break into a system that System Administrators have to protect 
their systems.

	Investigation has shown that this same hacker has entered 
computers from Florida State University as well as some from the State
of Florida.  Tracing a hacker is a very complicated process, so 
investigators have only traced this one as far as Europe.  Officials 
are closing in, but you can imagine how quiet they are keeping most of
their search information because they want to be able to prosecute 
this hacker when he or she is finally traced.

	This is only one of the recent break-ins among computer systems 
in the United States and around the world.  If you have been following
the news, you have heard of the break-ins at the Pentagon, the CIA, 
and NASA.  One prankster changed the home page of the CIA Web to a 
pornographic picture.  It was quickly discovered and fixed.  It took a
little longer to trace the hacker.   This particular hacker, from 
Japan, has been training other hackers, and some of these "trainees" 
have given interviews about what they consider to be their sport.  
Anyone interested in reading one of the interviews can find it at  The excuse used by the 
hacker who was interviewed to justify his actions was that the 
hackers are plugging holes in the system.  BUT...they are also 
creating back doors so that they or anyone else who figures out the 
password can get back in.  You may want to read this article as the 
hacker says that if the U.S. takes action against hackers, they
will start a campaign of destruction against U.S. computer systems. 

	As you can see, hacking is a problem for System Administrators
everywhere, whether at a local level where hackers are having fun 
breaking into a LAN (Local Area Network), stretching their skills by 
breaking into a system like Tallahassee Freenet, or becoming a real 
"pro" by breaking into one of the federal databases.  Administrators 
need to be aware of what is happening in the field and what they can 
do about it.

	Listed below are some of the sites which I have found which hold
good information about protecting your computer system.  Nothing is 
foolproof because as soon as the "techies" find a way to block them 
the "hackers" find a way around them...but these things help.
An AT&T Bell Laboratories Research World-Wide Web Server
CheckPoint Software Technologies Ltd.: Home of FireWall-1
Computer and Network Security Reference Index
SRI Computer Science Laboratory
Raptor Application Firewall for Network Security
Great Circle Associates Home Page
Trusted Information Systems Home Page
Network/Computer Security Technology
NetPartners Home Page
ASG World Wide Web HomePage

The COAST Project and Laboratory
NIST Computer Security Resource Clearinghouse
Forum of Incident Response & Security Teams
Intrusion Detection Systems (IDS) Archives by thread
Distributed Computing and Network Security
General Computer Security Information
Global Operating Systems Technology Group
CERT-UU Computer Emergency Response Team Home Page
Rutgers WWW-Security Index page

Wietse's Home page
Wietse's collection of tools and papers
Matt's Unix Security Page
Commercial Firewalls and Related FW Products

Bugtraq Archives by thread
System administration, system monitoring and network monitoring.
Unix Computer Security Information.