Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mapping The CIA Nonclassified Network

Posted by ryuzaki0 on from the fun-with-data-extrapolation dept.

jeffy124 writes "A security firm Matta Security in London has mapped the CIA non-classified network. Using only legal and open sources, the company mapped topology of machines and even found networks otherwise closed to the public. The company never port scanned or probed the network directly. Among items they found were emails and phone numbers of sys admins and other employees. Amazingly, they did all this in two days."

21 of 242 comments (clear)

  1. I hope they also mapped out by Anonymous Coward · · Score: 1, Funny

    a way to slip out of their offices. Expect a knock on the door.

  2. Mapping was a planned leak! by tcd004 · · Score: 2, Funny

    According to the Pentagon News Herald

    TCD004

  3. Web Logs by CokeBear · · Score: 4, Funny
    Checking all my logs now for any access from 198.81.x.x

    Always nice to know if the spooks are checking up on me. (Not that I would give them any reason to)

    --
    Reality has a liberal bias
  4. So what? by oni · · Score: 4, Funny

    It don't claim to have found any private or restricted information. Everything they found was specifically put on the web to be found.

    Simply knowing the names and e-mail addresses that Matta turned up would be enough for some social engineers to get the rest of the information necessary to mount an attack

    Sorry, I don't buy that. "Hi, this is chuck, the webmaster. Can I have the names of our russian agents please?"

    Post the article again when someone breaks in or actually finds classified info.

  5. PH34R MY SK1LLZ by spoonist · · Score: 5, Funny
    h3y d00dz!

    nslookup -q=mx www.cia.gov

    - m4tt4 s3cur1ty 1337 h4x0r

  6. got their emails, huh? by switcha · · Score: 2, Funny
    Matta's study also uncovered the names, e-mail addresses and telephone numbers of more than three dozen CIA network administrators and other officials.

    I hope those guys like pr0n and are looking for a good mortgage rate.

    --
    You know what? ... A little club soda *did* get that out!
  7. Re:Portscanning? by Baca · · Score: 4, Funny

    Question is if you ping them and they show up, do they respond with "pong?"

    --
    "The once beautiful rose blackens slowly..."
  8. Re:Portscanning? by matthewn · · Score: 2, Funny

    Well, would someone who's feeling lucky today ping an Air Force server and report back? ;)

    (Hell no! I'm not gonna do it! You do it! --No way, man! I ain't gonna do it! You do it!)

  9. Re:Portscanning? by brer_rabbit · · Score: 5, Funny

    what's the worse that could happen?

    % ping hidden.airforce.mil
    PING hidden.airforce.mil from 192.168.1.4 : 56(84) bytes of data.
    64 bytes from hidden.airforce.mil: icmp_seq=0 ttl=57 time=20.871 msec fbi_agents_in=10
    64 bytes from hidden.airforce.mil: icmp_seq=1 ttl=57 time=19.560 msec fbi_agents_in=9
    64 bytes from hidden.airforce.mil: icmp_seq=2 ttl=57 time=20.497 msec fbi_agents_in=8
    64 bytes from hidden.airforce.mil: icmp_seq=3 ttl=57 time=20.820 msec fbi_agents_in=7
    64 bytes from hidden.airforce.mil: icmp_seq=4 ttl=57 time=19.732 msec fbi_agents_in=6
    64 bytes from hidden.airforce.mil: icmp_seq=5 ttl=57 time=20.805 msec fbi_agents_in=5
    64 bytes from hidden.airforce.mil: icmp_seq=6 ttl=57 time=19.830 msec fbi_agents_in=4
    64 bytes from hidden.airforce.mil: icmp_seq=7 ttl=57 time=20.770 msec fbi_agents_in=3
    64 bytes from hidden.airforce.mil: icmp_seq=8 ttl=57 time=19.781 msec fbi_agents_in=2
    64 bytes from hidden.airforce.mil: icmp_seq=9 ttl=57 time=20.790 msec fbi_agents_in=1

    --- hidden.airforce.mil ping statistics ---
    10 packets transmitted, 10 packets received, 0% packet loss, 100% user loss
    round-trip min/avg/max/mdev = 19.560/20.345/20.871/0.541 ms

  10. Fuckin' A! by Knunov · · Score: 4, Funny

    "Sorry, I don't buy that. "Hi, this is chuck, the webmaster. Can I have the names of our russian agents please?""

    I always find it amusing when people try to make the CIA/FBI/NSA out to be bumbling idiots. They're not perfect, but they are really f'ing good.

    In fact, if someone brought that weak 'social engineering' their way, it wouldn't surprise me if they were logged, traced, then given a visit by a couple really solemn-looking men in bad suits and dark sunglasses that smelled like pistachios.

    I dare even one of the cynical know-it-all people that read this board to try it. Be sure to post your results so we can laugh at your cornholing.

    Knunov

    --
    Why do users with IDs under 100,000 or over 700,000 usually have the most worthwhile comments?
  11. Morons by Hagmonk · · Score: 2, Funny
    Hey I just drove past the CIA headquarters and now I have the following valuable facts:

    They exist.

    They work in buildings.

    They have barbed wire around their compound.

    Humans go in and out at various times during the day.

    Using this valuable information and the logic of this silly article, I *could* mount a tactical strike against CIA headquarters!

    Maybe I could run into a CIA employee at the butcher's and make friends and learn his home phone number. Shit! I've just *hacked in* to the CIA. Ph34r my skillz.

    --
    Ash OS durbatulk, ash OS gimbatul, ash OS thrakatulk, agh burzum-ishi krimpatul! Uzg-MS-ishi amal fauthut burgulli.
  12. Re:Portscanning? by AnalogBoy · · Score: 4, Funny

    Pentagon (AP)

    A massive, national mobilization of FBI agents was reported today by sources speaking on condition of anonymity. While officially the situation is classified, the source said there was a massive DOS attack of every major government site.

    "We don't believe this to be the work of ametures." said the source, "The attack was highly organized - thousands of users, from all over the globe, using a special form of denial of service attack called the 'Slashdot Effect'."

    The government has been keeping an eye on the hacker portal "Slashdot", at http://slashdot.org/, for quite some time, stating that it is always the best place to find out what the next big illegal thing is, whether it be irritating the MPAA, RIAA, or disrupting critical government networks.

    President Bush is quoted as saying something inconsequental, ignorant, and stupid, as usual.

  13. I found something classified! by commodoresloat · · Score: 2, Funny

    Surely this top secret terrorism buster logo was meant to be classified; there is no way the CIA would be stupid enough to let this information out into the public arena, where it would expose them to ridicule!

  14. Why bother with the DMZ? by Anonymous Coward · · Score: 1, Funny

    C'mon, why even bother with finding this information? I mean, its not even classified... and *EVERYBODY* knows how easy it is to get into the top-secret classified CIA files, just watch the movies! You dial to 555-1311 (CIA1) with your little 2400 baud modem, up pops the CIA logo with a login box, you type "BOSSHOG", password "SECRET" and in you go.. finding out all about those undercover operatives. Oh, and as an added side-effect (must be some super duper CIA classified image compression/encryption thing), JPG images that would take 30 seconds on your 56K modem from any normal site download in under a second!

    Who cares about the damn operatives?! Get that compression algorithm and we could make a GPL version and everyone could drop broadband and go back to 56K dialup (at the *speed* of broadband!).

  15. Re:Portscanning? by Darth_Burrito · · Score: 3, Funny

    whew, I'm just glad the ttl isn't counting down as well.

  16. Re:wonderful by gad_zuki! · · Score: 3, Funny

    Related Stories: Report warns of al-Qaeda's potential cybercapabilities
    don't you just love when we do half the terrorists jobs for them then wonder how they pull off elaborate attacks?

    Yeah, they sure are helping the enemy.

    The terrorists have connected to port 25, I repeat the terrorists have connected to port 25!!!!

  17. Re:Portscanning? by Anonymous Coward · · Score: 1, Funny

    "You are welcome to be completely ignorant of other countries laws if you plan on never leaving the us."

    "The us"

    Is that a cult?

  18. Re:Portscanning? by mallie_mcg · · Score: 4, Funny

    64 bytes from hidden.airforce.mil: icmp_seq=5 ttl=57 time=20.805 msec fbi_agents_in=5

    I think you have the wrong domain name. (Well i know www is not hidden., but ill look into it for you!! :p~

    PING www.af.mil (131.84.1.31) from 192.168.83.206 : 56(84) bytes of data.
    From h1-0.dtic.bbnplanet.net (4.1.1.254): Packet filtered
    From h1-0.dtic.bbnplanet.net (4.1.1.254): Packet filtered
    From h1-0.dtic.bbnplanet.net (4.1.1.254): Packet filtered
    From h1-0.dtic.bbnplanet.net (4.1.1.254): Packet filtered

    Yes actuall results. I wonder when i will get the email. (Yes i am an Admin on the domain, yes i am bored), or failing that visits from people in really bad suits. (Im lonely too, it will be nice to have someone to talk to!!) --- www.af.mil ping statistics --- 27 packets transmitted, 0 packets received, +4 errors, 100% packet loss

    --


    Do the following really mean anything? SCSA MCP CCSA CCNA
    --I'm not actually after an answer!
  19. Re:Portscanning? by ByteHog · · Score: 2, Funny

    just one ping? damn.. wonder what'll happen if we slashdot them.. do we get to see the black helicopters? :)

    --
    - This isn't the sig you're looking for. Move along, move along..
  20. Re:Portscanning? by gfreeman · · Score: 3, Funny

    [Russian/Connery accent] Vasily, verify number of hops to our target - one ping only ...

    --
    Graham

    --
    Ceci n'est pas un sig.
  21. Re:Portscanning? by Anonymous Coward · · Score: 1, Funny

    Are you sure about not seeing any MIB?
    Maybe you "forgot".