Great Circle Associates Firewalls
(November 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: GE break-in
From: Doug Hughes <Doug . Hughes @ Eng . Auburn . EDU>
Date: Tue, 29 Nov 1994 10:47:52 -0600
To: z056716 @ uprc . com
Cc: firewalls @ GreatCircle . COM
In-reply-to: <9411282239 . AA13154 @ cygnus . uprc . com>

well, there are several GE people that read this newsgroup regularly,
but I don't see them volunteering any information..
Suffice it to say that GE used the bastion host approach.. You have
to login to the bastion to get in or out, nothing is passed. (excepting
mail and NNTP, possibly a few other innocuous things). This
info is several months old. A person wanting to hack would have to 
hack the bastion(s) first.

This is fairly evident through DNS.. there are only two GE hosts listed
for DNS nameservers and 3 for mail exchangers (with overlap between the
two). Now, you know they have to have more than 3 hosts. (well, they do).
they also refuse zone transfers. It's actually a pretty good firewall
as they go.. There must have been a passwd leak somehow (speculation).
Bastion access used to be tightly controlled.

I would consider disclosure unlikely.. (ie don't hold your breath)

--
____________________________________________________________________________
Doug Hughes					Engineering Network Services
System/Net Admin  				Auburn University
			doug @
 eng .
 auburn .
 edu
"The Light at the end of the tunnel is the headlamp of an oncoming train"



Follow-Ups:
References:
  • GE break-in
    From: z056716 @ uprc . com (LaCoursiere J. D. (Jeff))
Indexed By Date Previous: SATAN
From: bmaggio @ lci . com (Bill Maggio)
Next: Re: Unix on Pentium for firewall
From: wrkgrp!zaphod!jac @ uunet . uu . net (John A Cifonelli)
Indexed By Thread Previous: GE break-in
From: z056716 @ uprc . com (LaCoursiere J. D. (Jeff))
Next: Re: GE break-in
From: jet @ abulafia . genmagic . com (J. Eric Townsend)

Google
 
Search Internet Search www.greatcircle.com