**************************************************************************
Security Bulletin 9702 DISA Defense Communications System
March 20, 1997 Published by: DISN Security Coordination Center
(SCC@NIC.MIL) 1-(800) 365-3642
The DISN SECURITY BULLETIN is distributed by the DISN SCC (Security Coordination Center) under DISA contract as a means of communicating information on network and host security exposures, fixes, and concerns to security and management personnel at DISN facilities. Back issues may be obtained via FTP (or Kermit) from NIC.MIL [207.132.116.5] using login="anonymous" and password="guest". The bulletin pathname is scc/sec-yynn (where "yy" is the year the bulletin is issued and "nn" is a bulletin number, e.g. scc/sec-9615.txt). These are also available at our WWW site, http://nic.mil.
**************************************************************************
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
! !
! The following important bulletin was issued by the Automated !
! Systems Security Incident Support Team (ASSIST) and is being !
! relayed unedited via the Defense Information Systems Agency's !
! Security Coordination Center distribution system as a means !
! of providing DISN subscribers with useful security information. !
! !
+ - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - +
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
_____
___ ___ _____ ___ _____ | /
/\ / \ / \ | / \ | | / Integritas
/ \ \___ \___ | \___ | | < et
/____\ \ \ | \ | | \ Celeritas
/ \ \___/ \___/ __|__ \___/ | |_____\
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
To facilitate the timely distribution of security-relevant information to DoD sites worldwide, ASSIST provides:
This ASSIST bulletin provides information about the services that we offer the DOD community and how to access them. Please call the ASSIST Hotline at either 1-800-357-4231 (Comm) or 327-4700 (DSN) or send mail to assist@assist.mil, when encountering any difficulty accessing our BBS, FTP, or WWW site.
_____________________________________________________________________
The ASSIST BBS is a dial-up system that can be reached via modem at 703-607-4710, DSN 327. The BBS is an open system, and users will be prompted to set up an account during the initial call to the system. The vast majority of the files are available for unrestricted viewing and downloading by any user of the BBS. The IBM Antivirus (IBMAV) file area and the Norman anti-virus file area are restricted to access by users who have been verified as being DoD affiliated personnel. The verification process is required to fulfill terms of the licensing agreement with IBM and Norman for use of the IBMAV and Norman AV software. A program called VDOC (freeware to DoD members), which scans for macro viruse, is also contained in the IBMAV file area.
ASSIST verifies DoD affiliation by performing a call back to a DSN phone number provided by the person making the request, or through some other arrangement. Once verified, access is granted to the IBMAV file area by an ASSIST BBS system administrator. Users who have questions or problems while on the BBS should go to the "Message Menu" and leave a message for "sysop".
To login to the ASSIST BBS you will need:
After you connect to the BBS the first time, the software will prompt you for the necessary input to set up an account.
The following is a list of the BBS file areas and a description of content. A detailed listing of file names and descriptions can be viewed by selecting "F" while in the "Main Menu" to switch to the "File Menu", then selecting "L" to list files.
File area 1 - ASSIST Bulletins 1991.
File area 2 - ASSIST Bulletins 1992.
File area 3 - ASSIST Bulletins 1993.
File area 4 - ASSIST Bulletins 1994.
File area 5 - ASSIST Bulletins 1995.
File area 6 - ASSIST Bulletins 1997.
File area 7 through 9 - Reserved for future ASSIST Bulletins.
File area 10 - DOS Security Tools.
File area 11 - UNIX Security Tools.
File area 12 - Network Security Tools.
File area 13 - Miscellaneous Security Tools.
File area 14 - General Security Information.
File area 15 - DISSPatch Newsletters.
File area 16 - Security Publications, Policies, Regulations, Standards.
File area 17 - CHIPS - Navy Computer Security Newsletter.
File area 18 - The National Computer Security Center Rainbow Series.
File area 19 - IBM Anti-Virus (area restricted to DoD only)
File area 20 - INFOSEC Related Training and Conferences.
File area 21 - NIST Computer Systems Lab (CSL) bulletins.
File area 22 - For File uploads to ASSIST, accessible by BBS admin personnel only. All files are reviewed by ASSIST before being made available to BBS users.
File area 24 - Reserved for future ASSIST data.
_____________________________________________________________________
ASSIST has an anonymous FTP system that is available to every DoD system registered with the Defense Data Network (DDN) Network Information Center (NIC), or local Domain Name Server (DNS). The FTP file system is identical to that of the BBS with a few minor exceptions. Messages cannot be left for ASSIST using FTP, but messages can be sent via Milnet e-mail to assist@assist.mil. Milnet users can access the system by FTPing to Milnet address ftp.assist.mil (IP 199.211.123.12), and entering anonymous as the user ID and their e-mail address as the password.
If the user sees the message "421 Connection refused by remote host", ftp.assist.mil did not resolve the incoming address as a .mil. If the user sees the message "Connection timed out", ftp.assist.mil could not determine whether or not the incoming address was a .mil in the allotted time. Our FTP site will attempt to resolve the incoming FTP address via DNS. If this fails, then our server will try to match the incoming FTP address with the NIC's database. You must be using a system with a .mil address to access our FTP site. If you still have trouble accessing our site, call our hotline for help.
Users attempting to access our site from a 3b2 system need to
call our hotline so we can disable our banners. In addition, certain
Windows NT clients have been known to cause problems. In either
case, call our hotline so we can make the appropiate changes so
you can access our system.
To access the ASSIST anonymous FTP system:
Connected to ftp.assist.mil.
220-USE OF THIS OR ANY OTHER DEPT. OF DEFENSE INTEREST COMPUTER SYSTEM 220-(DODICS) CONSTITUTES AN EXPRESS CONSENT TO MONITORING AT ALL TIMES. 220-THIS DODICS AND ALL RELATED EQUIPMENT ARE TO BE USED FOR THE 220-COMMUNICATION, TRANSMISSION, PROCESSING, AND STORAGE OF OFFICIAL U.S. 220-GOVERNMENT OR OTHER AUTHORIZED INFORMATION ONLY. ALL DODICS ARE 220-SUBJECT TO MONITORING AT ALL TIMES. IF MONITORING OF ANY DODICS 220-REVEALS POSSIBLE VIOLATION OF CRIMINAL STATUTES, ALL RELEVANT 220-INFORMATION MAY BE PROVIDED TO LAW ENFORCEMENT OFFICIALS.
Name (ftp.assist.mil:<your user ID>):
The anonymous FTP resource is a Unix system. Type:
to change from the current directory to another directory called directory-name. To download a file, type:
The default file type is ASCII. If you are downloading a binary file (i.e. an executable or encrypted), change to binary mode first by typing:
binary <return>
To change back to ASCII, type:
ascii <return>
After a successful login, a directory listing (ls -l) will show the following:
lrwxrwxrwx 1 root 16 Jul 19 1996 army.toolbox -> pub/army.toolbox
- -rw-r-r-- 1 root 803 Aug 7 1995 assist.pgp
d-x-x-x 2 root 512 Apr 15 1996 bin
drwxr-sr-x 2 root 512 Jul 17 1996 dev
d-x-s-x 2 root 512 Dec 17 1993 etc
drwxrws-wx 5 root 1024 Mar 6 02:45 incoming
drwxrws-x 8 root 512 Feb 18 22:27 outgoing
drwxrwsr-x 10 root 512 Mar 4 23:43 pub
Next, change directory to pub (cd pub) where a directory listing (ls -l) will show the following. NOTE: Each directory has a .message file that contains file names and descriptions for that directory.
dr-xr-sr-x 2 root 512 Mar 4 23:43 NCIS
drwxrwsr-x 5 root 512 Feb 6 18:39 antivirus
drwxrwsr-x 4 root 512 May 17 1996 army.toolbox
drwxrwsr-x 9 root 512 Sep 21 16:59 bulletins
drwxrwsr-x 3 root 512 Jul 18 1996 ciss
drwxrwsr-x 2 root 1024 Aug 6 1996 dos_utils
drwxrwsr-x 10 root 512 Dec 11 22:01 info
Directories of interest include:
Directory /pub/NCIS/: Utility provided by NCIS to scan your system for
objectionable images and sound files. Part of "Protecting your Children in Cyberspace initiative."
IBMAV and Norman AV.
Directory /pub/bulletins/: ASSIST Security Bulletins sorted by year.
Directory /pub/info/: General Information including CHIPS Navy
computer security newletters, NIST bulletins, and various policy documents.
Directory /pub/tools/: Security tools for various hardware/software
platforms. Included are subdirectories for Digital Encryption
Standard (DES) software, The Security Profile Inspector (SPI)
for UNIX (in encrypted form, DES key available from ASSIST), and
the Security Products Database Read Only Catalog (SPD/ROC).
_____________________________________________________________________
Our Web site has undergone a significant face lift and is easier to use than ever. Set you browser to open: "http://www.assist.mil". Our Web site provides the DOD community with an easy to use and useful interface for accessing our archived bulletins, antivirus software, security tools, as well as links to other sites that might be useful. This is also the easiest way to interface our FTP site.
While our web site is not restricted to the DOD community, many of the tools than are available on the site are. Thus if you have trouble downloading some of the software, see the above section concerning our FTP site restrictions. The same restrictions apply to any software downloaded from our web site.
_____________________________________________________________________
Our security bulletins are the best way that we can alert the DOD community of time sensitive security alerts. They may contain virus alerts, newly announced vulnerabilities and fixes, as well as other useful information. Our bulletins are not released on a fixed schedule, but instead as the need arises. We encourage any DOD personnel responsible for maintaining the integrity of a DOD information system to subscribe to our mailing list so that our information may reach the widest audience possible as quickly as possible.
To subscribe: send mail to assist-request@assist.mil with the word SUBSCRIBE followed by the e-mail address that you wish the bulletins to go to.
_____________________________________________________________________
The ASSIST Hotline is manned 24 hours a day 7 days a week. We
may be contacted at (800) 357-2431 (Comm) or 327-4700 (DSN) or
mail can be sent to assist@assist.mil. Secure communication is
also available upon request.
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
ASSIST is an element of the Defense Information Systems Agency (DISA), Countermeasures, which provides service to the entire DoD community. Constituents of the DoD with questions about ASSIST or computer security issues, can contact ASSIST using one of the methods listed below. Non-DoD organizations/institutions, contact the Forum of Incident Response and Security Teams (FIRST) representative. To obtain a list of FIRST member organizations and their constituencies send an email to docserver@first.org with an empty "subject" line and a message body containing the line "send first-contacts".
ASSIST Information Resources: To be included in the distribution list for the ASSIST bulletins, send your Milnet (Internet) e-mail address to assist-request@assist.mil. Back issues of ASSIST bulletins, and other security related information, are available from the ASSIST BBS at 703-607-4710, 327-4710, and through anonymous FTP from ftp.assist.mil (IP address 199.211.123.12). Note:
ftp.assist.mil will only accept anonymous FTP connections from Milnet addresses that are registered with the NIC or DNS. If your system is not registered, you must provide your MILNET IP address to ASSIST before access can be provided.
ASSIST Contact Information:
PHONE: 800-357-4231 (or 703-607-4700 DSN 327), duty hours are 24 hours a day, 7 days a week, 365 days a year.
ELECTRONIC MAIL: Send to assist@assist.mil.
ASSIST BBS: Leave a message for the "sysop".
ASSIST uses Pretty Good Privacy (PGP) as the digital signature mechanism for bulletins. PGP incorporates the RSAREF™ Cryptographic Toolkit under license from RSA Data Security, Inc. A copy of that license is available via anonymous FTP from net-dist.mit.edu (IP 18.72.0.3) in the file /pub/PGP/rsalicen.txt. In accordance with the terms of that license, PGP may be used for non-commercial purposes only. Instructions for downloading the PGP software can also be obtained from net-dist.mit.edu in the pub/PGP/README file. PGP and RSAREF may be subject to the export control laws of the United States of America as implemented by the United States Department of State Office of Defense Trade Controls. The PGP signature information will be attached to the end of ASSIST bulletins.
Reference herein to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favoring by ASSIST. The views and opinions of authors expressed herein shall not be used for advertising or product endorsement purposes.
****************************************************************************
* *
* *
* *
* *
* *
* *
* *
* *
****************************************************************************
PLEASE NOTE: Some users outside of the DOD computing communities may receive DISN Security Bulletins. If you are not part of the DOD community, please contact your agency's incident response team to report incidents. Your agency's team will coordinate with DOD. The Forum of Incident Response and Security Teams (FIRST) is a world-wide organization. A list of FIRST member organizations and their constituencies can be obtained by sending email to docserver@first.org with an empty subject line and a message body containing the line: send first-contacts.
This document was prepared as an service to the DOD community.
Neither the United States Government nor any of their employees,
makes any warranty, expressed or implied, or assumes any legal
liability or responsibility for the accuracy, completeness, or
usefulness of any information, product, or process disclosed,
or represents that its use would not infringe privately owned
rights. Reference herein to any specific commercial products,
process, or service by trade name, trademark manufacturer, or
otherwise, does not necessarily constitute or imply its endorsement,
recommendation, or favoring by the United States Government. The
opinions of the authors expressed herein do not necessarily state
or reflect those of the United States Government, and shall not
be used for advertising or product endorsement purposes.