TechWhirl (TECHWR-L) is a resource for technical writing and technical communications professionals of all experience levels and in all industries to share their experiences and acquire information.
For two decades, technical communicators have turned to TechWhirl to ask and answer questions about the always-changing world of technical communications, such as tools, skills, career paths, methodologies, and emerging industries. The TechWhirl Archives and magazine, created for, by and about technical writers, offer a wealth of knowledge to everyone with an interest in any aspect of technical communications.
Subject:Internet Snooping From:Chuck Banks <chuck -at- ASL -dot- DL -dot- NEC -dot- COM> Date:Wed, 9 Feb 1994 12:37:28 CST
Hi, All!
If you listened to National Public Radio's morning program
you heard a report from Eugene Spafford, Purdue University, about a
Trojan horse program that copies internet user IDs and passwords and
passes them to system pirates. If not, here's the text of an article
in the February 7, 1994 issue of _Communications_Week_:
Intruders Gain Access to Remote Systems via Internet
By Sharon Fisher
PITTSBURG Organizations that use the Internet to
log into remote systems may have had their remote
accounts compromised and should change the passwords
on those accounts, the Computer Emergency Response
Team warned last week.
The group, based here, tracks Internet security
problems and alerts users to them. The most
recent alert is aimed at users who use one Internet
system to reach another one, such as through Telnet,
Rlogin or FTP.
The advisory stated that an unknown number of Trojan
horse programs have been written to record log-on
identifications and passwords as users connect to
the remote systems, much like tapping a phone line.
Through these programs, malicious hackers have been
able to gain access to tens of thousands of Internet
systems.
The primary targets appear to be commercial Internet
service providers, but any system that provides
remote access is potentially at risk, according to
the group.
A program was recently written that uses a Unix
monitoring tool present on Sun Microsystems Inc.'s
Sun-3 and Sun-4 workstations running the SunOS 4.x
operating system and on Solbourne Computer Systems.
The advisory includes directions on how to discover
whether the monitoring tool is being used, and how
to modify it so it cannot be used for this purpose.
The advisory can be found in the COMP.SECURITY.ANNOUNCE
news group or via anonymous ftp from INFO.CERT.ORG.
I hope this helps you protect your systems.
Best Regards!
Chuck Banks
--
__ ________ ______
|\\ | || // Chuck Banks
| \\ | ||_______ || Senior Technical Writer
| \\ | || || NEC America, Inc.
| \\| \\______ \\______ E-Mail: chuck -at- asl -dot- dl -dot- nec -dot- com
America, Incorporated CompuServe: 72520,411
