|
BITLIST, Issue 32
________ _________ _________ ___ _________ _______ _________
_________ _________ _________ ___ _________ _________ _________
___ ___ ___ ___ ___ ___ ___ ___ ___
___ ___ ___ ___ ___ ___ ___ ___
_______ ___ ___ ___ ___ _______ ___
________ ___ ___ ___ ___ ___ ___
___ ___ ___ ___ ___ ___ ___ ___ ___
_________ _________ ___ _________ _________ _________ ___
________ _________ ___ _________ _________ _______ ___
/ ›
VOLUME 3 NUMBER 8 JANUARY 8, 1986
/ ›
A weekly list of file servers, conference machines and electronic magazines
/ ›
+---------------------------------------------------------------------------+
³Please send additions, deletions and requests to get on the mailing list to³
³ Chris Condon, BITLIB@YALEVMX ³
+---------------------------------------------------------------------------+
+---------------------------------------------------------------------------+
³ Active file servers: ³
+---------------------------------------------------------------------------+
BITSERVE @ CUNYVM - City University of New York
CANSERVE @ CANADA01 - University of Guelph
CSNEWS @ MAINE - University of Maine
FORUM @ BITNIC - Bitnet Support Center
KERMSRV @ CUVMA - Kermit Users Server, Columbia University
LFCNET @ ICNUCEVM - National University Computer Center - Pisa
MACSERVE @ BITNIC - Macintosh Users Server, Bitnet Support Center
NICSERVE @ BITNIC - Bitnet Support Center
NYSHARE @ WEIZMANN - Weizmann Institute of Science
SERVER @ TAMCBA - Texas A & M College of Business Administration
SERVER @ UOGUELPH - University of Guelph
VMBBOARD @ WEIZMANN - Weizmann Institute of Science
+---------------------------------------------------------------------------+
³ Active NETSERV file servers: ³
+---------------------------------------------------------------------------+
NETSERV @ AEARN - Austria EARN - Linz
NETSERV @ BITNIC - Bitnet Support Center
NETSERV @ CEARN - Centre Europeen de Recherche Nucleaire
NETSERV @ DEARN - German central node of EARN - Darmstadt
NETSERV @ EARNET - IBM SC - Roma
NETSERV @ EB0UB011 - Universidad de Barcelona
NETSERV @ FRMOP11 - CNUSC, Montpellier
NETSERV @ GREARN - Research Center of Crete - Heraklion
NETSERV @ HEARN - Katholieke Universiteit Nijmegen
NETSERV @ IRLEARN - University College - Dublin
NETSERV @ ISRAEARN - IBM Israel SC - Haifa
NETSERV @ SEARN - Sweden EARN - Stockholm
NETSERV @ UKACRL - Rutherford Appleton Laboratory - UK EARN
+---------------------------------------------------------------------------+
³ Active database servers: ³
+---------------------------------------------------------------------------+
DATABASE @ BITNIC - Bitnet Information Center
+--------------------------------------------------------------------------+
³ Active name servers: ³
+--------------------------------------------------------------------------+
BITSERVE @ CUNYVM - City University of New York
CSNEWS @ MAINE - University of Maine
FINGER @ CUVMA - Columbia University
LOOKUP @ RITVAXC - Rochester Institute of Technology
LOOKUP @ RITVAXD - Rochester Institute of Technology
VMNAMES @ WEIZMANN - Weizmann Institute of Science
+--------------------------------------------------------------------------+
³ Active conference machines: ³
+--------------------------------------------------------------------------+
CERITOR @ TECHNION - Technion - Haifa
FORUM @ BITNIC - Bitnet Support Center
SERVER @ TAMCBA - Texas A & M College of Business Administration
+--------------------------------------------------------------------------+
³ The Relay conference machine network: ³
+--------------------------------------------------------------------------+
BASTILLE @ UIUCVMC - University of Illinois
CSCML @ CCNYVME - City College of New York
CXBOB @ ASUACAD - Arizona State University
DSCAWAC @ CFRVM - Central Florida Regional Data Center
ENE11S @ DE0HRZ1A - Universitaet Essen
K242804 @ CZHRZU1A - Zurich University
NETRELAY @ FRECP11 - Ecole Centrale de Paris
PSUG @ VPIVM2 - Virginia Polytechnic Institute and State University
RELAY @ AEARN - Austrian EARN node at Linz
RELAY @ BITNIC - Bitnet Support Center
RELAY @ CEARN - Centre Europeen de Recherche Nucleaire
RELAY @ CLVM - Clarkson University
RELAY @ DEARN - German central node of EARN at Darmstadt
RELAY @ DKTC11 - Copenhagen Technical College
RELAY @ HEARN - Katholieke Universiteit Nijmegen
RELAY @ ISRAEARN - IBM Israel SC - Haifa
RELAY @ JPNSUT10 - Science University of Tokyo
RELAY @ NCSUVM - North Carolina State University
RELAY @ NDSUVM1 - North Dakota State University
RELAY @ PURCCVM - Purdue University
RELAY @ TCSVM - Tulane University
RELAY @ UREGINA1 - University of Regina
RELAY @ UTCVM - University of Tennessee - Chattanooga
RELAY @ YALEVM - Yale University Computer Center
RELAY @ YALEVMX - Yale University Computer Center
ZJD012 @ DMSWWU1A - Uni Muenster
8350428 @ UWAVM - University of Washington
+--------------------------------------------------------------------------+
³ Electronic magazines: ³
³ Mailing list information is included in each magazine. ³
+--------------------------------------------------------------------------+
CLUB - Back issues available from FORUM@BITNIC
CRTNET - Back issues available from LFCNET@ICNUCEVM
BITLIST - Latest issue is stored on NETSERV as BITNET SERVERS
FSFNET - Back issues available from CSDAVE@MAINE & SERVER@TAMCBA
NUTWORKS - Back issues available from FORUM@BITNIC & CSNEWS@MAINE
REXXyymm FORUM - Back issues available from LFCNET@ICNUCEVM
VM/COM - Back issues available from CSNEWS@MAINE
+--------------------------------------------------------------------------+
³ >>>B I T N O T E S>>> ³
+--------------------------------------------------------------------------+
Dead, risen, dead again...
...and permanently this time. MAS@CORNELLC, the Relay that was shut down,
and then restarted, (giving me terrible headaches and the readers huge
belly laughs) had been put to rest forever. this is no laughing matter,
however.
Witness the following message intercepted for me by Kevin Adams and
Andrew Derbyshire:
"The Cornell Relay has been shut down forever due to the misuse of BITNET
by some hackers in West Germany who discussed their trade on the Relay. It
is Cornell's desire to not be associated with the Relay system in the future.
To find out which node will now be servicing your site, type /SERV at any
Relay. If the response is still MAS@CORNELLC then you'll have to wait until
the Operator for that Relay gets an updated version. I would think that by
Thursday everything will be corrected."
A more detailed explanation was sent to me by Mark Sincock, the man that
ran MAS@CORNELLC. The letter was written by Greg Chartrand, Network manager
at Fermilab:
"Over the last several months, Fermilab and other high energy physics
laboratories have been the targets of computer hackers in West Germany.
These hackers are members of an organized club called the Chaos
Computer Club (CCC) which claims to have up to 50 members. A few of these
hackers managed to break into Fermilab (and other HEP sites) by accessing
our systems through Tymnet. They broke into accounts by attempting easy
passwords; passwords having the same as username, the user's personal name and ,
system default passwords for maintenance and systems accounts. In the latter
case at a HEP site, considerable system damage was done by breaking into
a maintenance account. If nothing else, this note should serve as a warning
for those of you who have not bothered to check for "easy-to-guess" passwords.
"The reason this note is going out to Bitnet contacts is that I
discovered a very strong link between hacking into accounts and Bitnet
chatting. Our particular hackers learned of valid usernames by using RSCS
Names and JNET Finger commands. Once valid usernames were known, the hackers
only needed to attempt passwords on these accounts. In our case, we decided
that we would contain our hackers within an account they managed to penetrate
and observe their activities. We felt it would be better for us to contain
the hackers until we "plugged the leaks" in other accounts and systems.
"Our observations of our hackers revealed that they were mostly
interested in Bitnet Chatting activities. We learned that there is an
underground group of Bitnauts that have managed to break into accounts on
systems throughout the US and Europe. They use these accounts to mostly
communicate amongst their peers. By checking file activity in and out of
the account they penetrated at Fermilab, we have discovered many of these other
accounts.
"While researching the activities of the hackers, I have also monitored
the chatting activity that takes place on the various Relays that exist.
I have been told that these Relays have been set up so that the Bitnaut
activity could be controlled and monitored instead of having it occur randomly
throughout the network. I have also observed the chatting activities have
brought the network to its knees at times for extended periods of time.
"The question I now pose: Is the chatting activity that has been
taking place a valid activity of Bitnet? I have been told that chatting
per se is not part of this network's charter. I have also been told that
this is a network of Universities, and chatting is a natural healthy extension
of a student's computer activities.
"At Fermilab, we use Bitnet to allow communications to and from
universities for the purpose of high energy physics research. Bitnet is
the only means of communications for some of the smaller universities. Fermilab
management is concerned about security of our systems and the apparent
relationship of chatting and hacking..."
I do not agree with everything said in that note, but one point does stand
out. That is, a certain element exists in BITNET that plain, outright,
abuses their privledge to use the network. The actions of a few can have
disastrous results, as the fate of MAS@CORNELLC shows. It was not the
intention of the hackers to shut down MAS, they did not overload it with
messages or request several hundred files from a server and bog down the
network. Nontheless, their blatantly irresponsible actions have caused
an immediate reactionary response on the part of Cornell administrators.
Don't try to tell me that the Cornell administrators overeacted or
didn't understand the situation. Whether we agree with their actions
is irrellevant. The damage has been done, and these are the rules
we have to play by.
Where there's smoke, there's fire.
Virtually;
Chris
(Fuzzyman)
+--------------------------------------------------------------------------+
³ An ongoing request: ³
³ If the BITLIST is stored on a public disk at your institution, ³
³ please send me a note with the node and name of your university. ³
³ Thank you. ³
+--------------------------------------------------------------------------+
|
|
