[80693] in North American Network Operators' Group

Re: Internet Attack Called Broad and Long Lasting by Investigators

daemon@ATHENA.MIT.EDU (Jim Popovitch)
Tue May 10 02:04:48 2005

From: Jim Popovitch <jimpop@yahoo.com>
To: nanog@nanog.org
In-Reply-To: <20050510053734.B11973BFFD5@berkshire.machshav.com>
Date: Tue, 10 May 2005 02:05:31 -0400
Errors-To: owner-nanog@merit.edu


This part:

    "The crucial element in the password thefts that provided access
     at Cisco and elsewhere was the intruder's use of a corrupted
     version of a standard software program, SSH. The program is used
     in many computer research centers for a variety of tasks, 
     ranging from administration of remote computers to data transfer
     over the Internet."

reminds me of the SourceForge attack a few years back
http://www.apache.de/info/20010519-hack.html

-Jim P.

On Mon, 2005-05-09 at 22:37 -0700, Steven M. Bellovin wrote:
> SAN FRANCISCO, May 9 - The incident seemed alarming enough: a breach
> of a Cisco Systems network in which an intruder seized programming
> instructions for many of the computers that control the flow of
> the Internet.
> 
> Now federal officials and computer security investigators have
> acknowledged that the Cisco break-in last year was only part of a
> more extensive operation - involving a single intruder or a small
> band, apparently based in Europe - in which thousands of computer
> systems were similarly penetrated.
> 
> 
> ....
> 
> http://www.nytimes.com/2005/05/10/technology/10cisco.html?hp&ex=1115784000&en=eeb27da2e75ec022&ei=5094&partner=homepage
> 
> 
> 		--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
> 
> 

