Return-Path: <sentto-279987-4586-1015683560-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Sat, 09 Mar 2002 06:22:08 -0800 (PST) Received: (qmail 8683 invoked by uid 510); 9 Mar 2002 14:19:33 -0000 Received: from n24.groups.yahoo.com (216.115.96.74) by all.net with SMTP; 9 Mar 2002 14:19:33 -0000 X-eGroups-Return: sentto-279987-4586-1015683560-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.187] by n24.groups.yahoo.com with NNFMP; 09 Mar 2002 14:19:20 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: unknown); 9 Mar 2002 14:19:19 -0000 Received: (qmail 99041 invoked from network); 9 Mar 2002 14:19:19 -0000 Received: from unknown (216.115.97.171) by m6.grp.snv.yahoo.com with QMQP; 9 Mar 2002 14:19:19 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta3.grp.snv.yahoo.com with SMTP; 9 Mar 2002 14:19:19 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g29EKJa28419 for iwar@onelist.com; Sat, 9 Mar 2002 06:20:19 -0800 Message-Id: <200203091420.g29EKJa28419@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Sat, 9 Mar 2002 06:20:19 -0800 (PST) Subject: [iwar] [fc:Mapping.The.CIA.Network] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Mapping The CIA Network By George V. Hulme, InformationWeek, 3/8/02 <a href="http://www.informationweek.com/story/IWK20020306S0008">http://www.informationweek.com/story/IWK20020306S0008> Internet security firm Matta claims it limited its footprinting activities to publicly available tools and search engines to build a detailed map of the CIA's network. Using the CIA as an example, Internet security firm Matta Security Ltd. has published a white paper showing it's possible to gather detailed information on an organization's network by using freely available resources. Matta says it limited its footprinting activities to publicly available tools and search engines, such as the "whois" domain lookup database and the popular Google Inc. search engine, while building a detailed map of the CIA's network, including subdomain Web servers, mail exchanges, routers, router interfaces, and even the IP address of an internal network. Using Google, Matta also collected information on CIA personnel, such as office locations and phone numbers. Experts aren't surprised. "Security professionals have long known this information is readily available about their enterprise," says Pete Lindstrom, security analyst with Hurwitz Group. "In these times, it's a shame Matta chose the CIA as their target." Chris McNab, technical director for Matta, disagrees, saying the CIA was an appropriate target. "The CIA is a security-conscious entity, with adequate technical resources to ensure the security of its networks into the future. The reality is that it is virtually impossible for anyone to compromise the CIA's sensitive network space." Experts say the information gathered by Matta doesn't reveal any vulnerabilities, just potential targets for attacks. For example, Matta uncovered dozens of phone numbers that it says could be used by a determined attacker to locate devices giving access to internal CIA network space. "War dialing is a common threat to many organizations nowadays," writes Matta. "So can a phone book," Lindstrom says. "Collecting all of this information and neatly packaging it just makes it easier for crackpots. If you don't think China already has this information, you're nuts." Gartner security analyst John Pescatore disagrees. "They found a lot of information, a little here and there, and a hacker can call help desks and use what they learned to act like trusted insiders." "Information security is all about retaining accountability and control over data," McNab says. "Whether we are talking about floor plans, telephone directories, R&D project documents, this is all potentially sensitive information and should be correctly classified and protected." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Tiny Wireless Camera under $80! Order Now! FREE VCR Commander! Click Here - Only 1 Day Left! http://us.click.yahoo.com/nuyOHD/7.PDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:04 PST