Information Security News mailing list archives
NASA blocks Excite users access
From: InfoSec News <isn () C4I ORG>
Date: Fri, 14 Jul 2000 13:01:48 -0500
Forwarded By: infosec () infosec 20m com http://www.msnbc.com/news/432831.asp?cp1=1 FOR NEARLY 72 HOURS earlier this week, subscribers of Excite at Home's high-speed cable-modem service were unable to visit the Web site for NASA's Jet Propulsion Laboratory in Pasadena, Calif., and other NASA sites. The lab's Web site is one of the Internet?s most popular destinations and a frequent target for hackers; the site was hit at least 12 times since May 1998, according to Attrition.Org, which monitors hacking activity. Government experts said it was unprecedented for a U.S. agency to block all customers of a major commercial Internet provider even temporarily. A NASA spokeswoman said the agency doesn't talk about its efforts to secure its computers. Technicians at the Jet Propulsion Lab complained in an e-mail to Excite at Home on July 7 that it was detecting attempts by two subscribers to break into its computers. Bryan Johnson, NASA's system administrator, wrote an internal e-mail three days later warning employees that Excite At Home had been unresponsive to our requests and other NASA center requests for support regarding these scans,? and that the lab was blocking Excite at Home customers. The message suggested ways that NASA employees and contractors who use the service while working at home could bypass the block. By Wednesday, however, Excite at Home wrote to NASA, saying it had identified the offending users and have taken the appropriate action against the accounts. NASA then lifted the block. A spokeswoman for Excite at Home said that the issue was resolved and that the company is installing an automated e-mail system to improve responsiveness to complaints about hackers. Agencies can make their own policies about when to take action. There are no governmentwide policies on when agencies can take such extreme measures, said David Jerrell, who runs the Federal Computer Incident Response Capability, which alerts agencies to hacking efforts. Normally that's not done unless the ISP [internet service provider] is not responding to requests for assistance, he said. We can't be cutting off those citizens for long periods of time. A person familiar with the matter said NASA detected two Excite at Home subscribers trying to exploit a specific vulnerability in software known as wu-ftp, and experts issued formal warnings about the flaw on July 7. Another lab employee wrote in a public Internet message on July 12 that the vulnerabilities have got me worried, and asked for technical advice. This week's decision wasn't the labs first move to block access to its Web sites. In March, the lab acknowledged that it had temporarily barred all Internet users in Brazil, Latin America's most populous country. In February, Dow Jones & Co. formed a joint venture with Excite At Home Corp. to build a Web portal, called Work.com, for small and midsize businesses. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- NASA blocks Excite users access InfoSec News (Jul 14)