DOD Overhauls Network to Thwart Crackers
Toddius Maximus
wrote in to send us a CNN story about the
Department of Defense overhauling
their network to prevent cracker attacks. How's that for
a feeling of warm fuzzies?
these changes.
"DISA's plans include the filtering of what DISA called "notorious" protocols routinely exploited by hackers... The protocols include the Post Office Protocol (POP), which allows remote users to read e-mail stored on a central server; remote-access protocols, which allow users to read their e-mail from another system; and Packet Internet Groper (Ping).... The inability of NIPRNET to handle the loads imposed by Web traffic without lags or delays had resulted in numerous military commands installing Internet "backdoors" on their systems."
Unless they're not telling us the important stuff, what they're doing is pretty darn basic -- I'd do this kind of thing for a small business. It doesn't really surprise me that their security was so bad, but they ARE the DOD.
Translation:
A DOD spokesman has publicly stated that as soon as
their sys admins are tired of playing Quake, they
fully intend to install tcp_wrapper on most of
their systems, just as soon as they're done
sorting their bookmarks and reading Slashdot;
they promised they would get right on it and
install that wrapper any day now, and if they
can have Friday off, they may even upgrade and patch
the old buggy daemons they left running, but
as one DOD sys admin stated "Phf! That's not my job!"
then he quickly returned his attention to a
heated Phantom Menace debate on "Ain't It Cool News."
again the terms are confused...
a hacker is someone who hacks hardware and OSes
whereas a cracker is traditionally one who cracks
software copyright and helps in the distribution
of such warez.
see Hacker V Cracker on manos.com:
Cracker
The definition of a cracker is one who attempts to break into a system using techniques that he does not fully understand. Most of the crackers are young teenage punks who are very malicious and seek to get their kicks from destroying or altering data on a system.
Hacker
The hacker on the other hand is an individual who yearns for knowledge. The hackers are very knowledgeable individuals. They oftentimes know several programming languages, work extensively with the inwards and outwards of UNIX, and have a firm understanding of all the TCP/IP implementations and protocols. They keep abreast of all the security related issues involving computers. Breaking into a system for a hacker is a thrill; it is a challenge that they take on. The hacker takes much delight in exploring the system from the outside/inside, searching vigorously for misconfigurations, bugs, and holes in the operating system that would allow them to break into a machine. Once in the system the challenge has been completed and they have succeeded in breaking in. It is against hacker ethics to alter any data aside from the logs that are needed to clean their tracks. They have no need or desire to destroy data as the malicious crackers do. They are there to explore the system and learn more. The hacker has a constant yearning and thirst for knowledge that increases in intensity as their journey progresses.
I'm afraid. I'm afraid, Dave. Dave, my mind is going. I can feel it. I can feel it. My mind is going.
So, starting sometime in July, they're going to filter some protocols, maybe POP, maybe telnet, but they haven't decided what to filter yet. Hmm...the first thing I did on my Linux boxen was to turn off any protocols that I didn't use and to set up ipchains to filter the rest. I also set Samba not to listen to the outside world, but only to my 192.168.0.* C network. And I'm new at this.
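The filtering policy quoted from the article (POP, remote-access protocols, ping) and the commenter's own hardening (Samba reachable only from 192.168.0.*) can be checked against traffic records. This is an added example, not code from the article, DISA or the commenter; the log format, the sample lines, and the choice of telnet and rlogin as the "remote-access protocols" are assumptions.

```python
# Added example (not from the article or the Slashdot post): flag inbound traffic
# that the quoted DISA filtering policy would block, over constructed log lines.
import ipaddress

INTERNAL_NET = ipaddress.ip_network("192.168.0.0/24")  # the commenter's private class C
ICMP_ECHO_REQUEST = 8                                   # ping ("Packet Internet Groper")
# The article names POP and "remote-access protocols"; telnet and rlogin are
# assumed here as the remote-access examples (the story does not list them).
NOTORIOUS_TCP = {110: "pop3", 23: "telnet", 513: "rlogin"}
SMB_PORTS = {139, 445}  # Samba, which the commenter bound to the internal network only

def parse_line(line):
    """Parse a constructed 'src=.. dst=.. proto=.. dport=.. type=..' record."""
    f = dict(kv.split("=", 1) for kv in line.split())
    return {
        "src": ipaddress.ip_address(f["src"]),
        "dst": ipaddress.ip_address(f["dst"]),
        "proto": f["proto"].lower(),
        "dport": int(f.get("dport", -1)),
        "type": int(f.get("type", -1)),
    }

def classify(entry):
    """Name the policy violation for an inbound packet, or return None if allowed."""
    if entry["src"] in INTERNAL_NET or entry["dst"] not in INTERNAL_NET:
        return None  # only traffic entering from outside is subject to the filter
    if entry["proto"] == "icmp" and entry["type"] == ICMP_ECHO_REQUEST:
        return "ping"
    if entry["proto"] == "tcp":
        if entry["dport"] in NOTORIOUS_TCP:
            return NOTORIOUS_TCP[entry["dport"]]
        if entry["dport"] in SMB_PORTS:
            return "smb-from-outside"
    return None

def audit(lines):
    """Return [(line_no, violation)] for records that the filter should have dropped."""
    findings = []
    for n, line in enumerate(lines, 1):
        verdict = classify(parse_line(line))
        if verdict:
            findings.append((n, verdict))
    return findings

SAMPLE_LOG = [  # constructed records; 203.0.113.0/24 is documentation address space
    "src=203.0.113.5 dst=192.168.0.10 proto=tcp dport=110",
    "src=192.168.0.20 dst=192.168.0.10 proto=tcp dport=110",
    "src=203.0.113.5 dst=192.168.0.10 proto=icmp type=8",
    "src=203.0.113.9 dst=192.168.0.10 proto=tcp dport=139",
    "src=203.0.113.9 dst=192.168.0.10 proto=tcp dport=443",
]
```

Running `audit(SAMPLE_LOG)` reports the external POP, ping and SMB records and passes the internal POP and the HTTPS record, which is the front-door/back-door distinction the article describes.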
Typical government: A network that is several years old finally gets the consultant once-over and the committee decides to form a committee to look into what to do.
Mike
--
"Wi nøt trei a høliday in Sweden this yër?"
I took notice of the part that says they are eliminating the back door connections - that may be where the improvement is seen. From what I have read, now there are some sites that have independent connections and varying levels of security on the connections. This seems to me like DISA is telling everyone to "close the back doors, we'll make the front door bigger and add an extra rent-a-cop." I would also assume that the truly sensitive data would be on a stand-alone network anyway. Use red wires for one network and green for the other, and never connect anything red to anything green.