[321] in WWW Security List Archive
Re: GE Break-in: via HTTPD?
daemon@ATHENA.MIT.EDU (Jeb Weisman)
Mon Jan 16 21:12:28 1995
Date: Mon, 16 Jan 1995 11:44:55 -0800 (PST)
From: Jeb Weisman <weisman@pacificu.edu>
To: www-security@ns2.rutgers.edu
In-Reply-To: <9501161214.AA12258@atlas.br.RohmHaas.Com>
Reply-To: www-security@ns2.rutgers.edu
This is possible. However, the word on the sysadmin grape vine, and at
least one of the security lists, is that this may be more smoke and
mirrors than other more mundane possibilities. Specifically, improperly
patched Sun, sniffing inside and outside the network, loose security
procedures. Then again, it could be httpd, but perhaps you shouldn't bet
on it.
-Jeb Weisman
+-----------------------------------------------------------------------+
| Jeb Weisman Pacific University weisman@pacificu.edu |
| Internet User Services 2043 College Way (503)359-2927 (vox) |
| Academic Computing Forest Grove, OR (503)359-2242 (fax) |
| 97116 |
+-----------------------------------------------------------------------+
On Mon, 16 Jan 1995, Mr. Tom Cozzolino wrote:
>
> We've all read about the break-in to General Electric's
> Network back in November.
>
> However, I read in the business section of the Philadelphia
> Inquirer yesterday that this breach was through GE's
> home page. Does anyone have more information on this?
>
> How is it possible? More importantly, how do we prevent
> this from happening again?
>
> Thanks for any ideas.
>
> +=================================================+
> | Thomas J. Cozzolino - Rohm and Haas Co. |
> | Internet: tcozz@rohmhaas.com |
> | Phone/Fax: (215) 619-5451/1633 |
> | PGP Public Key Available |
> | |
> | Internet Access for Everyone.. |
> | - Isn't it Time? |
> | |
> | Opinions expressed are my own, not |
> | necessarily those of Rohm and Haas Company |
> +=================================================+
>
