Slashdot Mirror


Mapping The CIA Nonclassified Network

jeffy124 writes "A security firm, Matta Security in London, has mapped the CIA non-classified network. Using only legal and open sources, the company mapped the topology of machines and even found networks otherwise closed to the public. The company never port scanned or probed the network directly. Among the items they found were emails and phone numbers of sysadmins and other employees. Amazingly, they did all this in two days."

9 of 242 comments

  1. good link on legality of port scanning by zkosky · · Score: 5, Informative

    A link that has some good info on the legality of port scanning is: Journal of Technology Law and Policy
    If you take the time to read it, there is a bunch of interesting stuff in it. Just do a page search for "port" and you'll get to the cool stuff.

  2. Original PDF Report by Alien54 · · Score: 5, Informative
    It doesn't look like the information they gathered alone is really anything remarkable

    Exactly. It is the typical information that any sysadmin could gather from the outside. The graphic diagramming the network layout shows nothing remarkable.

    You can see the original report in PDF format here, with _all_ of the juicy details.

    Which is funny, because the link is not directly accessible from the main site.

    Talk about security.

    --
    "It is a greater offense to steal men's labor, than their clothes"
  3. Re:Portscanning? by skunkeh · · Score: 0, Informative

    Read the article - they didn't portscan.

  4. Re:Portscanning? by SpinyNorman · · Score: 4, Informative

    Maybe ... legal until you're accused of hacking into the system you portscanned, then it'll be used against you as evidence of hacker intent.

    This has already been done.

  5. Re:So what? by Anonymous Coward · · Score: 2, Informative

    Hi, this is chuck, the webmaster

    Actually it's "Dave":

    Central Intelligence Agency (CIA-DOM)
    Information Services Infrastructure
    Washington, DC 20505

    Domain Name: CIA.GOV
    Status: ACTIVE
    Domain Type: Federal

    Technical Contact, Administrative Contact, Billing Contact:
    Wheelock, David E. (DEW1)
    (703) 613-9840
    DAVIDW@UCIA.GOV

    Domain servers in listed order:

    RELAY1.UCIA.GOV 198.81.129.193
    AUTH100.NS.UU.NET 198.6.1.202

    Record last updated on 31-Oct-01.

    Dave?
    Dave's not here, man.
    No, it's me, Dave - let me in.
    Dave's not here!
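
The record quoted above is exactly the kind of "open source" a public whois lookup hands to anyone who asks, which is why a defender should periodically review their own domain's record for what it exposes. The following Python script is an added example, not from the original comment or from Matta's report: it parses a flat whois record of the shape shown above (the sample input is that record, embedded as constructed test data), pulls out the contact block and name servers, and flags personal contact details that could be replaced by role mailboxes and shared numbers. The regular expressions and the list of role-mailbox names are assumptions for this example.

```python
import re

# Constructed sample input: the whois record quoted in the comment above,
# reproduced verbatim (a 2001-era record used here only as test data).
SAMPLE_WHOIS = """\
Central Intelligence Agency (CIA-DOM)
Information Services Infrastructure
Washington, DC 20505

Domain Name: CIA.GOV
Status: ACTIVE
Domain Type: Federal

Technical Contact, Administrative Contact, Billing Contact:
Wheelock, David E. (DEW1)
(703) 613-9840
DAVIDW@UCIA.GOV

Domain servers in listed order:

RELAY1.UCIA.GOV 198.81.129.193
AUTH100.NS.UU.NET 198.6.1.202

Record last updated on 31-Oct-01.
"""

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
PHONE_RE = re.compile(r"\(\d{3}\)\s*\d{3}-\d{4}")  # US "(703) 613-9840" style
HOST_IP_RE = re.compile(r"^([A-Za-z0-9.-]+)\s+((?:\d{1,3}\.){3}\d{1,3})$")
ROLE_RE = re.compile(r"\b(\w+) Contact\b")
# Mailbox names that identify a function rather than a person (assumed list).
ROLE_MAILBOXES = {"hostmaster", "postmaster", "abuse", "noc", "dns",
                  "admin", "webmaster", "security"}


def parse_whois(text):
    """Parse a flat whois record into 'Key: Value' fields, the contact block
    that follows an 'X Contact, Y Contact:' header, and (host, ip) pairs from
    the 'Domain servers' block. Blank lines end the contact block."""
    record = {"fields": {}, "contact_roles": [], "contact_lines": [], "name_servers": []}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            if section == "contacts":
                section = None
            continue
        if line.endswith(":") and ROLE_RE.search(line):
            record["contact_roles"] = ROLE_RE.findall(line)
            section = "contacts"
            continue
        if line.startswith("Domain servers"):
            section = "servers"
            continue
        if section == "contacts":
            record["contact_lines"].append(line)
            continue
        if section == "servers":
            m = HOST_IP_RE.match(line)
            if m:
                record["name_servers"].append((m.group(1), m.group(2)))
                continue
            section = None  # e.g. "Record last updated ..." ends the block
        if ":" in line and section is None:
            key, _, value = line.partition(":")
            record["fields"][key.strip()] = value.strip()
    return record


def review_exposure(text):
    """Summarise which personal contact details a public record discloses."""
    rec = parse_whois(text)
    contact = " ".join(rec["contact_lines"])
    emails = EMAIL_RE.findall(contact)
    phones = PHONE_RE.findall(contact)
    # Contact lines that are neither an address nor a number are taken to be
    # a person's name plus registry handle, e.g. "Wheelock, David E. (DEW1)".
    names = [l for l in rec["contact_lines"]
             if not EMAIL_RE.search(l) and not PHONE_RE.search(l)]
    findings = []
    if len(rec["contact_roles"]) > 1 and len(names) == 1:
        findings.append(f"one individual listed for all {len(rec['contact_roles'])} "
                        f"contact roles ({', '.join(rec['contact_roles'])})")
    for e in emails:
        if e.split("@")[0].lower() not in ROLE_MAILBOXES:
            findings.append(f"personal mailbox published as contact: {e}")
    if phones:
        findings.append("direct phone number published: " + ", ".join(phones))
    if names:
        findings.append("named employee published: " + "; ".join(names))
    return {"domain": rec["fields"].get("Domain Name"), "emails": emails,
            "phones": phones, "names": names,
            "name_servers": rec["name_servers"], "findings": findings}


if __name__ == "__main__":
    report = review_exposure(SAMPLE_WHOIS)
    print(f"{report['domain']}: {len(report['name_servers'])} name servers")
    for finding in report["findings"]:
        print(" -", finding)
```

Run against your own record, every finding maps to a cheap mitigation: a role mailbox and a switchboard number in place of a named employee's direct contacts, and more than one person behind the technical, administrative and billing roles.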

  6. Re:Anyone else notice the Lotus Domino Server by Cedric+C.+Girouard · · Score: 5, Informative
    Because Lotus Notes and Lotus Domino are the only mail products that give email administrators zero access to information within mail files. Each Notes database has an access control list, and you can specify who's on it. The mail server can have "depositor" access, which means it can only place information inside the database. The database can also be encrypted so that only the server can read it -- meaning someone has to steal a copy of the database itself off of the file system in order to have a chance at decryption.

    Little known fact: the password entry box you get when logging in to a Domino client/server setup, with the 4 little hieroglyphs, is a CIA-requested add-on. That and the random number of X's you get when you punch in the password.

    Also, stealing a copy of the database will not help you if persistent ACLs were set up.

    Another nice feature of Domino is that you can have multiple levels of access within each document, meaning that group XYZ would have read access to the entire document, while group XY would only get 2/3 of the forms in it, and group X would get only 1/3 of the forms within the document.

    The reason they're not using Exchange? Well... Exchange never got its security clearance...

    --

    Marriage is considered capital punishment for the theft of a goat in some third world countries...

  7. Wana know more? by kruczkowski · · Score: 3, Informative

    Here, get this CD/Video set, it's free! Learn how to secure Windows NT/UNIX to government standards! Order now!

    http://iase.disa.mil/eta/index.html

    --
    hmm... for fun I enjoy launching DDoS attacks against 127.87.42.5
  8. Re:So what? by oni · · Score: 3, Informative

    terrorist group targets Chuck and his SysAdmin pals before launching some kind of attack.

    I should have made this clear in my last post, and this is based on my experience in the military: the web-page floozies typically work in the public affairs departments. They could be abducted by aliens and no one would care much. The real IT people have nothing to do with "administering" web sites.

    Maybe the CIA does things differently - but I doubt it.

  9. Re:Anyone else notice the Lotus Domino Server by twinpot · · Score: 3, Informative
    Except: as an administrator, if you *really* want to read someone's mail, you can re-register and re-certify that person, thereby generating a new ID file, which will match the entry in the .nsf's ACL. You then Switch ID to that user, and open their database. The ACL reads Davitt J Potter/CIA/GOV/US, and... well, you're in.

    This won't work if the mail is encrypted, because if you create another ID with the same name, the public/private key combo is different. Therefore the only thing you may be able to read is the subject line. The message body will have been encrypted (you can encrypt the DB itself, and you can specify that all emails you receive are encrypted too).