Firewalls: RE: Air Force Web Site Hacked

Firewalls
(January 1997)

Indexed By Thread: [Previous] [Next]

Subject:	RE: Air Force Web Site Hacked
From:	Sebastian Stache <zeb @ sbbs . se>
Date:	Wed, 8 Jan 1997 12:05:34 +0100
To:	"'patton @ sysnet . net'" <patton @ sysnet . net>
Cc:	"'Firewalls (inet/GreatCircle)'" <Firewalls @ GreatCircle . COM>

I fully agree. At the same time I'm relieved,
since it means we're not experiencing anything
magical.


----------
From: 	Matthew Patton[SMTP:patton @
 sysnet .
 net]
Sent: 	 den 5 januari 1997 00:50
To: 	Sebastian Stache
Subject: 	Re: Air Force Web Site Hacked

>Or are there html
>specific inherent weaknesses

not necessarily in the protocol but in the anchient and poor setups used 
by most casual webadmins.  Not 1 week before the incident I urged ASSIST 
(the military pseudo equiv of CERT) to start beating the drum about 
patheticly insecure websites.  People routinely leave test-cgi with all 
it's niceties left available.  Did they have FTP?  Probably.  It is 
appalling how little the 'network professionals' really know about their 
systems, host and network security.  I thought the Pentagon could command 
better.  I'm reminded daily that this isn't so, whether it be military 
folk or contractors.

Indexed By Date	Previous:	I DON'T HAVE FUNDING FOR A FIREWALL...HELP!!! From: Franke Albert 2 Lt USAFE CSS/SCBS <albert . franke @ ramstein . af . mil>
Indexed By Date	Next:	Re: Re: NCSA != NCSC From: Sebastian Stache <zeb @ sbbs . se>
Indexed By Thread	Previous:	Re: Air Force Web Site Hacked From: gunni @ if . is (Gunnar Ingvi Thorisson)
Indexed By Thread	Next:	Re: Air Force Web Site Hacked From: uskanbye @ ibmmail . com