Internet Snooping

Subject: Internet Snooping
From: Chuck Banks <chuck -at- ASL -dot- DL -dot- NEC -dot- COM>
Date: Wed, 9 Feb 1994 12:37:28 CST

Hi, All!

If you listened to National Public Radio's morning program
you heard a report from Eugene Spafford, Purdue University, about a
Trojan horse program that copies internet user IDs and passwords and
passes them to system pirates. If not, here's the text of an article
in the February 7, 1994 issue of _Communications_Week_:

Intruders Gain Access to Remote Systems via Internet

By Sharon Fisher

PITTSBURG Organizations that use the Internet to
log into remote systems may have had their remote
accounts compromised and should change the passwords
on those accounts, the Computer Emergency Response
Team warned last week.

The group, based here, tracks Internet security
problems and alerts users to them. The most
recent alert is aimed at users who use one Internet
system to reach another one, such as through Telnet,
Rlogin or FTP.

The advisory stated that an unknown number of Trojan
horse programs have been written to record log-on
identifications and passwords as users connect to
the remote systems, much like tapping a phone line.
Through these programs, malicious hackers have been
able to gain access to tens of thousands of Internet

The primary targets appear to be commercial Internet
service providers, but any system that provides
remote access is potentially at risk, according to
the group.

A program was recently written that uses a Unix
monitoring tool present on Sun Microsystems Inc.'s
Sun-3 and Sun-4 workstations running the SunOS 4.x
operating system and on Solbourne Computer Systems.
The advisory includes directions on how to discover
whether the monitoring tool is being used, and how
to modify it so it cannot be used for this purpose.

The advisory can be found in the COMP.SECURITY.ANNOUNCE
news group or via anonymous ftp from INFO.CERT.ORG.

I hope this helps you protect your systems.

Best Regards!

Chuck Banks
__ ________ ______
|\\ | || // Chuck Banks
| \\ | ||_______ || Senior Technical Writer
| \\ | || || NEC America, Inc.
| \\| \\______ \\______ E-Mail: chuck -at- asl -dot- dl -dot- nec -dot- com
America, Incorporated CompuServe: 72520,411

Previous by Author: Re: Terminology for Windows Applications
Next by Author: Re: Indexing information
Previous by Thread: To Expand on One of Saul's Points
Next by Thread: Re[2]: Minimalist Writing

What this post helpful? Share it with friends and colleagues:

Sponsored Ads