[6580] in bugtraq
Re: Have Crackers Found Military's Achilles Heel?
daemon@ATHENA.MIT.EDU (Mark (Mookie))
Thu Apr 23 12:36:09 1998
Date: Thu, 23 Apr 1998 07:19:33 -0700
Reply-To: "Mark (Mookie)" <mark@ZANG.COM>
From: "Mark (Mookie)" <mark@ZANG.COM>
X-To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199804222310.QAA01296@zang.com> from "John Rubier" at Apr 22,
98 06:42:45 pm
>>From what I can see, the DISA DEM software was/is publically available
>at http://tcoss.safb.af.mil/common/HTML/DSC_support.htm (the link is
>broken though).
>No wonder the feds didn't bother to come after them ;-)
By the looks of ftp://tcoss.safb.af.mil :
220 tcoss2 Microsoft FTP Service (Version 3.0).
Name (tcoss.safb.af.mil:root): ftp
331 Anonymous access allowed, send identity (e-mail name) as password.
Password:
230 Anonymous user logged in.
ftp> dir
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
11-20-97 05:16PM <DIR> ActiveX
01-27-98 02:47PM <DIR> disd
04-15-98 09:00PM <DIR> Disn-W
03-12-98 08:33PM <DIR> DITCO
04-14-98 01:45PM 0 dspd8.tmp
04-17-98 12:20PM <DIR> MCI_TCOSS
04-23-98 06:59AM <DIR> PDCBOOK
03-24-98 08:10PM <DIR> R&R
04-15-98 06:52PM <DIR> TSRE
11-20-97 05:27PM <DIR> WinFrame
ftp> cd Disn-W
550 Disn-W: Access is denied.
So it appears the "highly technical crack team" just ftp'd the software. Wow.
They fixed the perms on the dir last week.
And what they got:
A software tool set called DEM (Visual Basic Programming based) melds the day
to day network operations and maintenance efforts. DEM provides the entire
RAVN team with a user friendly/graphical based set of tools that allow
real-time network access for monitoring, control, re-configuration and
testing of the critical pieces of hardware/software that make up the
composite RAVN architecture. Both RIMS and DEM data bases are hosted on a
stand alone RAVN server operated and maintained by NTAC personnel. The server
is accessible via a Local Area Network connection and supports up to 25
simultaneous users.
Sounds rather useless unless you have the databases of network equipment and
device authentication parameters.
Cheers,
Mark
mark@zang.com
