Chinese Websites Used As Launchpads For Cracking
An anonymous reader writes "A Washington Post article reports that Chinese networks are being used to breach hundreds of unclassified U.S. government systems. The article goes on to say that some analysts believe the activity to be tied to the Chinese government, although there is also some dissent." From the article: "Whether the attacks constitute a coordinated Chinese government campaign to penetrate U.S. networks and spy on government databanks has divided U.S. analysts. Some in the Pentagon are said to be convinced of official Chinese involvement; others see the electronic probing as the work of other hackers simply using Chinese networks to disguise the origins of the attacks."
Under the heading "unclassified documents":
"For Official Use Only" - things which don't contain classified data, but contain information that should be kept within the government. Someone made a decision to mark this document as FOUO.
"Sensitive" - a more generic type of document which contains information which is probably not suitable for public release, but is not determined as such. This may be marked FOUO at some future point.
The big problem with the standard information classification guidelines is what you need to do if you classify the document. First, people can't attach it to the normal email system, or in fact even have it on an unclassified computer system. Second, if you print it out you have to print it on a classified-only printer, lock it in a safe and sign for it, sealing the room from those who have no clearance before taking a look. Google AR 25-2 and read the PDF (public distribution) for more specific information on how such documents are handled.
This provides a lot of impetus to keep data that is not truly secret from being classified as such. So many documents are FOUO or considered "sensitive". It doesn't mean the data in the hands of an enemy couldn't be damaging, particularly in the aggregate.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
IP spoofing does not allow for anonymous access. This is a common misconception. Any sort of spoofing beyond simple floods requires the attacker to be on the same subnet as the attackee (nonblind spoofing). As far as blind spoofing goes, all modern OSs implement random sequence numbers, making blind spoofing very unlikely.
I'll assume for the moment that you didn't realize my sarcasm when I say:
I was being sarcastic, and showing one obvious instance where, even if you /do/ believe that statement about the "Good Guys", you'll see why it's flawed anyway.
Pulp Audio Weekly - Geek News and Reviews
They have. It's called Internet2.
Although I wouldn't put this in the same category as government network hacking, I've had similar problems. I run a message board that focuses on military matters with a bias towards the US side of things. As the popularity has grown, so have the hacking attempts. Luckily they've all been unsuccessful because I'm on top of software updates, but the number of times that I've had to block these idiots where they try to download my entire site with leech clients, flood the forum search engine with countless requests per second, initiate thousands of connections to the web server but time out, causing the number of Apache processes to skyrocket, and do other things to try and bring it down is getting too high to count. The one thing that unites all of this? 98% of these shenanigans are coming from Chinese subnets. Only a few have been from elsewhere, namely France and Germany. What's crazy about it is that the IPs that they're using from China are all over the continent. We're talking well over 100 subnets. Late last year I finally started blocking all of the Chinese subnets and voila! All problems with the site have gone away. It's rather unfortunate as I had a lot of Chinese visitors that I had to shut out.
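The search-flood pattern described in the comment above can be found in web server logs by aggregating per subnet rather than per address, which catches a flood spread over many hosts in one range. This is an added example, not part of the original comment; it assumes Apache combined log format, and the `/search.php` path, the threshold and the sample lines are hypothetical.

```python
import ipaddress
import re
from collections import Counter, defaultdict
from datetime import datetime

# Apache common/combined log prefix: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')
SEARCH_PATH = "/search.php"   # hypothetical forum search endpoint
MAX_SEARCH_PER_SEC = 5        # hypothetical per-subnet threshold

def parse(line):
    """Return (ip, timestamp, path), or None for lines that do not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    try:
        ip = ipaddress.ip_address(m.group(1))
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return ip, ts, m.group(4)

def flooding_subnets(lines, limit=MAX_SEARCH_PER_SEC):
    """Map each IPv4 /24 to its peak search hits in one second, if above limit."""
    per_second = defaultdict(Counter)   # subnet -> {second: hit count}
    for line in lines:
        rec = parse(line)
        if rec is None or rec[0].version != 4 or not rec[2].startswith(SEARCH_PATH):
            continue
        subnet = ipaddress.ip_network(f"{rec[0]}/24", strict=False)
        per_second[subnet][rec[1]] += 1
    peaks = {net: max(c.values()) for net, c in per_second.items()}
    return {str(net): peak for net, peak in peaks.items() if peak > limit}

def _line(ip, sec, path):
    return f'{ip} - - [10/Oct/2005:13:55:{sec:02d} +0000] "GET {path} HTTP/1.1" 200 512 "-" "-"'

# Constructed sample log using documentation address ranges, not real traffic.
SAMPLE = (
    [_line(f"203.0.113.{i}", 1, "/search.php?q=a") for i in range(1, 9)]  # 8 hosts, same second
    + [_line("198.51.100.7", s, "/search.php?q=b") for s in range(1, 4)]   # 1 search per second
    + [_line("192.0.2.10", 1, "/index.php")] * 20 + ["garbage line"]       # not search; unparsable
)

if __name__ == "__main__":
    for net, peak in flooding_subnets(SAMPLE).items():
        print(f"{net}: {peak} search requests in one second")
```

Each host in the flagged range sends a single request here, so a per-address rate limit would not have triggered.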