**************************************************************************

Security Bulletin 9705 DISA Defense Communications System

April 14, 1997 Published by: DISN Security Coordination Center

(SCC@NIC.MIL) 1-(800) 365-3642

DEFENSE INFORMATION SYSTEM NETWORK

SECURITY BULLETIN

The DISN SECURITY BULLETIN is distributed by the DISN SCC (Security Coordination Center) under DISA contract as a means of communicating information on network and host security exposures, fixes, and concerns to security and management personnel at DISN facilities. Back issues may be obtained via FTP (or Kermit) from NIC.MIL [207.132.116.5] using login="anonymous" and password="guest". The bulletin pathname is scc/sec-yynn (where "yy" is the year the bulletin is issued and "nn" is a bulletin number, e.g. scc/sec-9615.txt). These are also available at our WWW site, http://nic.mil.

**************************************************************************

+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +

! !

! The following important advisory was issued by the DOD General !

! Counsel (DOD/GC) and is being relayed via the Defense !

! Information Systems Agency's Security Coordination Center !

! distribution system as a means of providing DISN subscribers !

! with important security guidelines. !

! !

+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +

Following Warning Notice is from the DOD General Counsel (DOD/GC). DISA has received guidance form DOD/GC to have this warning notice transmiited electronically to all personnel conected to our DISANET. Ensure you immediately retransmit this notice to ALL, repeat, ALL personnel within your respective organizations.

---------------------------------------------------------------------

MEMORANDUM FROM THE DOD GENERAL COUNSEL TO ALL DOD COMPUTER USERS:

We increasingly rely on uninterrupted service from our information systems to provide and communicate authentic, accurate, and timely information. However, DoD systems are continually under attack by hackers and other unscrupulous persons. To improve our computer security, it is necessary for authorized organizations to monitor our computer systems and networks, looking for unauthorized users or uses. Computer security may also include authorized efforts to penetrate DoD systems, in an effort to locate weak points in our security systems. It is DoD policy to ensure that DoD computer users are aware that monitoring may occur at any time, and that monitoring will usually go unnoticed even by skilled users. We are sending the following notice to all current users via e-mail to remind them of DoD monitoring.

THIS IS A DEPARTMENT OF DEFENSE COMPUTER SYSTEM. THIS COMPUTER SYSTEM, WHICH INCLUDES ALL RELATED EQUIPMENT, NETWORKS AND NETWORK DEVICES (SPECIFICALLY INCLUDING ACCESS TO THE INTERNET), ARE PROVIDED ONLY FOR OFFICIAL U.S. GOVERNMENT BUSINESS.

DOD COMPUTER SYSTEMS MAY BE MONITORED BY AUTHORIZED PERSONNEL TO ENSURE THAT THEIR USE IS AUTHORIZED, FOR MANAGEMENT OF THE SYSTEM, TO FACILITATE PROTECTION AGAINST UNAUTHORIZED ACCESS, AND TO VERIFY SECURITY PROCEDURES. MONITORING INCLUDES "HACKER" ATTACKS TO TEST OR VERIFY THE SECURITY OF THIS SYSTEM AGAINST USE BY UNAUTHORIZED PERSONS. DURING THESE ACTIVITIES, INFORMATION STORED ON THIS SYSTEM MAY BE EXAMINED, COPIED AND USED FOR AUTHORIZED PURPOSES, AND DATA OR PROGRAMS MAY BE PLACED INTO THIS SYSTEM. THEREFORE, INFORMATION YOU PLACE ON THIS SYSTEM IS NOT PRIVATE.

USE OF THIS DOD COMPUTER SYSTEM, AUTHORIZED OR UNAUTHORIZED, CONSTITUTES CONSENT TO OFFICIAL MONITORING OF THIS SYSTEM. UNAUTHORIZED USE OF A DOD COMPUTER SYSTEM MAY SUBJECT YOU TO CRIMINAL PROSECUTION. EVIDENCE OF UNAUTHORIZED USE COLLECTED DURING MONITORING MAY BE PROVIDED TO APPROPRIATE PERSONNEL FOR ADMINISTRATIVE, CRIMINAL OR OTHER ACTION.


****************************************************************************

* *

* *

* *

* *

* *

* *

* *

* *

****************************************************************************

PLEASE NOTE: Some users outside of the DOD computing communities may receive DISN Security Bulletins. If you are not part of the DOD community, please contact your agency's incident response team to report incidents. Your agency's team will coordinate with DOD. The Forum of Incident Response and Security Teams (FIRST) is a world-wide organization. A list of FIRST member organizations and their constituencies can be obtained by sending email to docserver@first.org with an empty subject line and a message body containing the line: send first-contacts.

This document was prepared as an service to the DOD community. Neither the United States Government nor any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, product, or process disclosed, or represents that its use would not infringe privately owned rights. Reference herein to any specific commercial products, process, or service by trade name, trademark manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government. The opinions of the authors expressed herein do not necessarily state or reflect those of the United States Government, and shall not be used for advertising or product endorsement purposes.