IP: US White House Hacked? (from RISKS)

[David Farber <farber () central cis upenn edu>]

Date: 28 Aug 95 23:01:50 EDT
From: David Kennedy <76702.3557 () compuserve com>
Subject: US White House Hacked?


[German Press Agency, 20 Aug 1995, Received in German through the Executive
News Service of CompuServe.  First pass machine translation by GlobaLink
Power Translator v. 1.0; errors in translation by David M. Kennedy & Michel
E. Kabay]


  German Hacker in White House Computer Annoys the Internet
  By Justus Demmer, German Press Agency


  Hamburg (German Press Agency) - Among those familiar with the Information
  Superhighway, there are certain rules of behavior: Netiquette.  In the last
  week, German hackers have broken with Netiquette, offending some users of
  the global network of some 30 million computer users by sending a message
  accusing users of attempting to penetrate the US White House's computers.
  The alleged sender of these messages?  President Bill Clinton.


  An article in the German Computer Magazine "c't," published in Hanover,
  broke the news. However the messages leave telltales of their German origin,
  which tipped off the Systems Administrator in the White House who in turn
  notified the German Computer Emergency Response Team, DFN-CERT.


  DFN-CERT functions as a kind of fire department for the Internet.  They
  identified the "Clinton-Mails" as fakemail according to the magazine's
  article.  DFN-CERT acted but withheld news of the attacks.


[DMK:  So apparently did the White House.  Possibly one of the many Sendmail
holes?]


  DFN-CERT staff member Uwe Ellerman said Internet users, and especially
  magazines, have a responsibility to acknowledge attacks.  However many do
  not want to admit they were penetrated.  Ellerman said that the press
  should report these matters.  The magazine should make their own computers
  available for such silly tricks if they wish.


  However, explained c't editor Georg Schnurer, that has not been the case.
  He claimed the White House uses an old version of software for electronic
  mail handling which is obsolete. This program makes it possible to falsify
  mail.  Many other System Administrators also use this older version,
  leaving the network vulnerable to similar attacks.


[DMK: More pointers towards Sendmail.  More pointers to why it should be
acknowledged so that the clueless will check for Sendmail holes.  Possibly
confirming fact, the recent US CERT Sendmail Alert.]


  Ellerman and Schnurer do not agree whether public notice of the White
  House error was necessary or not, they do agree that to maintain integrity
  over their mail, users should encrypt their mail.


David Kennedy / Vol.SysOp Natl Computer Security Assn Forum on CompuServe
  GO:NCSAFORUM
M.E.Kabay,Ph.D. / Dir. Education, Natl Computer Security Assn (Carlisle, PA)