Firewalls: Po' widdle PCs

Firewalls
(January 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Po' widdle PCs
From:	padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Date:	Wed, 4 Jan 95 21:27:34 -0500
To:	"cedpali @ ris001 . ris . or . gov"@UVS1.dnet.mmc.com
Cc:	"firewalls @ greatcircle . com"@UVS1.dnet.mmc.com

>Is anyone aware of any actual break-in that was accomplished by "taking 
>over" a PC (running DOS or Windows or Windows for Workgroups or NT) and then 
>launching an attack from there?  I don't mean dialling in to a modem on the 
>PC, but an attack that could have been prevented by a better firewall.  


Yes, the "dutch hacker" incident in which tracer.army.mil was taken over.
Remember the "Dan Quayle" account ? Tracer was a PC running what looked like
XENIX. I have a copy of the video made of the incident. The A-6s then used 
files found on tracer to springboard onto other systems AFAIR.

						Warmly,
							Padgett

Indexed By Date	Previous:	Re: email monitoring From: johnb @ jbxs1 . jbx . com (John Boudreaux)
Indexed By Date	Next:	Counterpoint From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Indexed By Thread	Previous:	Re: bsdi and secureID (access?) From: Rob Liebschutz <rob @ rjl . com>
Indexed By Thread	Next:	Counterpoint From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)