Home Archive RSS/XML Subscribe Shop

[ISN] Info on DOD/DISA/DEM Software 'hack'

From: mea culpa <jericho_at_dimensional.com>
Date: Thu 23 Apr 1998 - 15:43:44 CDT
 [Moderator: Now how hard would this have been for the journalist
  writing the story? <sigh>]

 Forwarded From: Mark (Mookie)[SMTP:mark@ZANG.COM]
 Posted To: 	NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
 Forwarded From: "Prosser, Mike" <Mike_Prosser@tds.com>
 
 From what I can see, the DISA DEM software was/is publically available
 at http://tcoss.safb.af.mil/common/HTML/DSC_support.htm (the link is
 broken though).
 No wonder the feds didn't bother to come after them ;-)
 
 By the looks of ftp://tcoss.safb.af.mil :
 220 tcoss2 Microsoft FTP Service (Version 3.0).
 Name (tcoss.safb.af.mil:root): ftp
 331 Anonymous access allowed, send identity (e-mail name) as password.
 Password:
 230 Anonymous user logged in.
 ftp> dir
 200 PORT command successful.
 150 Opening ASCII mode data connection for /bin/ls.
 11-20-97  05:16PM       <DIR>          ActiveX
 01-27-98  02:47PM       <DIR>          disd
 04-15-98  09:00PM       <DIR>          Disn-W
 03-12-98  08:33PM       <DIR>          DITCO
 04-14-98  01:45PM                    0 dspd8.tmp
 04-17-98  12:20PM       <DIR>          MCI_TCOSS
 04-23-98  06:59AM       <DIR>          PDCBOOK
 03-24-98  08:10PM       <DIR>          R&R
 04-15-98  06:52PM       <DIR>          TSRE
 11-20-97  05:27PM       <DIR>          WinFrame
 ftp> cd Disn-W
 550 Disn-W: Access is denied.
 
 So it appears the "highly technical crack team" just ftp'd the
 software. Wow.
 They fixed the perms on the dir last week.
 
 And what they got:
 
 A software tool set called DEM (Visual Basic Programming based) melds
 the day
 to day network operations and maintenance efforts. DEM provides the
 entire
 RAVN team with a user friendly/graphical based set of tools that allow
 real-time network access for monitoring, control, re-configuration and
 testing of the critical pieces of hardware/software that make up the
 composite RAVN architecture. Both RIMS and DEM data bases are hosted
 on a
 stand alone RAVN server operated and maintained by NTAC personnel. The
 server
 is accessible via a Local Area Network connection and supports up to
 25
 simultaneous users.
 
 Sounds rather useless unless you have the databases of network
 equipment and
 device authentication parameters.
 
 Cheers,
 Mark
 mark@zang.com
 
 

-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: Dimensional Communications (www.dim.com)
Received on Thu Apr 23 18:08:43 1998
Google
 
Web www.infosecnews.org
© Copyright 2007 InfoSec News
Home Archive RSS/XML Subscribe Shop Privacy