On Wed, 22 Aug 2001, J. J. Young wrote:
> http://www.norfolk.navy.mil/oasys/dirlist.html
>
> or tell me if there's been a crack-down on the US Navy doing non-maritime
> activities.
At NADEP Jacksonville, (Naval Aviation DEPot) computer
security was taken seriously. At the time I was ISSO
(Information System Security Officer) for the Machine
Branch, there was a LAN, but no internet connection.
Course, that *was* '94, and the internet wasn't as
pervasive then.
Anyway, our chief ISSO would have had a cow if he'd
discovered such a thing... but times do change... and
different installations have different policies.
$ Ping www.norfolk.navy.mil
64 bytes from nctamslant.navy.mil (138.143.250.72): icmp_seq=0 ttl=115 time=80.617 msec
nmap portscan shows port 80 is open, and...
-----
TCP Sequence Prediction: Class=trivial time dependency
Difficulty=16 (Easy)
Remote operating system guess: Windows NT4 / Win95 / Win98
-----
The port is open, but there's no server answering.
The machine could have been cracked, or the web server
could have been taken offline due to Code Red.
Government targets seem especially attractive to script
kiddies. Matter of fact, I had a port 111 probe from a Linux
machine (RH 6.0) at Portsmouth Naval Shipyard (where I used
to work long ago). Investigation revealed that it was
running a vulnerable ftp server, and was listening on
well-known trojan/root-kit ports. Attempts to e-mail the
appropriate admin resulted only in bounced e-mail.
I think sometimes these machines are put online, the
admin gets transferred (if military) or moves on (if
civilian), and the machines are left to fend for
themselves, so to speak.
- Steve
