********************************************************************** DDN Security Bulletin 01 DCA DDN Defense Communications System 22 Sep 89 Published by: DDN Security Coordination Center (SCC@NIC.DDN.MIL) (800) 235-3155 DEFENSE DATA NETWORK SECURITY BULLETIN The DDN SECURITY BULLETIN is distributed online by the DDN Security Coordination Center under DCA contract as a means of communicating information on network and host security exposures, fixes, & concerns to security & management personnel at DDN facilities. Back issues may be obtained via FTP (or Kermit) from the SRI-NIC host [26.0.0.73 or 10.0.0.51] using login="anonymous" and password="guest". The pathname for bulletins is DDN-NEWS:DDN-SECURITY-nn.TXT (where "nn" is the bulletin number). ********************************************************************** DDN SECURITY COORDINATION CENTER OPERATIONAL 1. The Defense Communications Agency has created a facility to help the DDN community when security-related situations occur. The function of the DDN Security Coordination Center (SCC) is to provide a centralized and coordinated capability for the rapid, reliable, and secure distribution and coordination of security related information between DDN users, operations staff, and system maintenance providers. 2. The Defense Data Network Security Coordination Center is now operational. 3. In the past, the unclassified DoD Internet has seen a rash of security incidents. Typically, these incidents were due to commonly known software weaknesses in UNIX-based host products. In one instance, the exposure had had a fix published several weeks before it was exploited by a hacker. DARPA and other Agencies established Computer Emergency Response Teams (CERTs) to report security-related problems to vendors and assist in validating/verifying their fixes. 4. But there was no central clearinghouse in place coordinating and disseminating security-related fixes to MILNET users. In the past, the Network Information Center (NIC) had been pressed into this service, and the contractor (SRI) has done an excellent job when called upon. But the NIC was never intended to handle such a task. Now DCA has funded SCC to be DDN's clearinghouse for host/user security problems and fixes and to work with the DDN Network Security Officer as needed. 5. The SCC is ready to assist you with network-related host security problems. Call (800) 235-3155 (7:00 a.m. to 5:00 p.m. Pacific Time) or send e-Mail to SCC@NIC.DDN.MIL. For 24 hour coverage, call the MILNET Trouble Desk (800) 451-7413 or AUTOVON 231-1713. ********************************************************************** X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X Another file downloaded from: NIRVANAnet(tm) &TOTSE 510/935-5845 Walnut Creek, CA Taipan Enigma Burn This Flag 408/363-9766 San Jose, CA Zardoz realitycheck 415/666-0339 San Francisco, CA Poindexter Fortran Governed Anarchy 510/226-6656 Fremont, CA Eightball New Dork Sublime 805/823-1346 Tehachapi, CA Biffnix Lies Unlimited 801/278-2699 Salt Lake City, UT Mick Freen Atomic Books 410/669-4179 Baltimore, MD Baywolf Sea of Noise 203/886-1441 Norwich, CT Mr. Noise The Dojo 713/997-6351 Pearland, TX Yojimbo Frayed Ends of Sanity 503/965-6747 Cloverdale, OR Flatline The Ether Room 510/228-1146 Martinez, CA Tiny Little Super Guy Hacker Heaven 860/456-9266 Lebanon, CT The Visionary The Shaven Yak 510/672-6570 Clayton, CA Magic Man El Observador 408/372-9054 Salinas, CA El Observador Cool Beans! 415/648-7865 San Francisco, CA G.A. Ellsworth DUSK Til Dawn 604/746-5383 Cowichan Bay, BC Cyber Trollis The Great Abyss 510/482-5813 Oakland, CA Keymaster "Raw Data for Raw Nerves" X-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-X