************************************************************************** Security Bulletin 9202 DISA Defense Communications System 23 January 1992 Published by: DDN Security Coordination Center (SCC@NIC.DDN.MIL) 1-(800) 365-3642 DEFENSE DATA NETWORK SECURITY BULLETIN The DDN SECURITY BULLETIN is distributed by the DDN SCC (Security Coordination Center) under DISA contract as a means of communicating information on network and host security exposures, fixes, and concerns to security and management personnel at DDN facilities. Back issues may be obtained via FTP (or Kermit) from NIC.DDN.MIL [192.112.36.5] using login="anonymous" and password="guest". The bulletin pathname is scc/ddn-security-yynn (where "yy" is the year the bulletin is issued and "nn" is a bulletin number, e.g. scc/ddn-security-9201). ************************************************************************** First, we at the SCC hope you had a safe, secure, and happy new year. For some time now, the SCC has produced daily reports on TAC activity and suspected TAC Security Incidents. It has only been recently, however, that the SCC has been tasked by the DDN Network Security Officer (NSO) to perform follow-up on these suspected TAC Security Incidents with the user's Host Administrator (HA). As a result, HA's are now receiving a portion of the Security Incident Report as it applies to their user(s). The HA's are being asked to investigate these suspected security incidents and respond back to the SCC with the results of their inquiries. If a breach of DDN/TAC security has occurred, that user's TAC card will be deactivated. If the HA fails to respond, it will also cause that user's TAC card to be deactivated. The following acts are considered a breach of DDN/TAC security. Allowing your TAC access code to be used by anyone except yourself. Imbedding TAC access codes in software. Including TAC access codes in login files or scripts. Logging into a TAC for someone else. The TAC access codes are to be manually entered every time a user logs into the TAC. HA's can request TAC cards for anyone who has a genuine need to utilize the network. HA's can also request guest TAC cards for temporary users and for users who are waiting for their own TAC cards to arrive. In 1992, let's make the DDN more secure than it has ever been before.