HP3000-L Archives

March 1997, Week 2

HP3000-L@RAVEN.UTC.EDU

Subject:
From: John Korb <[log in to unmask]>
Reply To: John Korb <[log in to unmask]>
Date: Thu, 13 Mar 1997 17:24:47 -0500

Much like Ken, we (those of us working on a DOD contract) received a
security briefing years ago and had to go through and change our systems
to comply with the security directives that were issued.  Below is a
sample of the message our users receive (with phone number "x"d out).

******************************* (CDA9) ********************************
WARNING. UNAUTHORIZED USERS WILL BE PROSECUTED UNDER PUBLIC LAW 98-473.
 To report unauthorized access call the NETWORK ADPSSO (xxx)-xxx-xxxx.
Use of this system constitutes consent to security testing & monitoring
***********************************************************************

The "CDA9" is the name of the system.  The phone number is in the message
so that the poor, unfortunate soul who "accidentally" breaks security and
logs onto the system has one last legal out - reporting their
"accidental" access.  As the lawyer said, "If they break into your system
and don't call and report their access as accidental, then they must have
meant to break into your system, so we can throw the book at them".
Hmmm.  Who knows.  Anyway, we have the above messages in the system
message catalog.  Below are the lines we placed in the message catalog
(as listed with EDITOR).

/l 43/54,unn
34 &
******************************* (CDA9) ********************************%
WARNING. UNAUTHORIZED USERS WILL BE PROSECUTED UNDER PUBLIC LAW 98-473.%
 To report unauthorized access call the NETWORK ADPSSO (xxx)-xxx-xxxx.%
Use of this system constitutes consent to security testing & monitoring%
***********************************************************************
35 &
******************************* (CDA9) ********************************%
WARNING. UNAUTHORIZED USERS WILL BE PROSECUTED UNDER PUBLIC LAW 98-473.%
 To report unauthorized access call the NETWORK ADPSSO (xxx)-xxx-xxxx.%
Use of this system constitutes consent to security testing & monitoring%
***********************************************************************
/

Note that we have kept the catalog UNNUMBERED, so your line numbers
(46/53 in our case) may be different.  Also, there are two separate
messages to update - one for batch access and one for interactive access.

We were told to completely eliminate the text which identifies the brand,
model, and operating system, as this was considered too helpful to
someone who enters the system.  Since SHOWME displays the MPE version
information, this was not a problem.

We also changed the login prompts ("ENTER GROUP ! PASSWORD", "ENTER
ACCOUNT ! PASSWORD", and "ENTER USER ! PASSWORD").  This makes logging
onto the HP 3000 rather unfriendly, which was the point of the security
directives.

As far as an urban legend, I don't think so.  We received a nice, 1/4"
thick official document at the time, telling us what was and was not
acceptable and a briefing that seemed like it went on forever.  The one
thing that was stressed again and again in the briefing (more of a deity
to cosmic slime edict) was that "WELCOME" was one word that was to be
removed from ALL logon messages and all applications.

For what it's worth,

John

On Thu, 13 Mar 1997, Ken Sletten B894 C312 x62525 wrote:

<snip>

> We went through the same thing in DOD several years ago.  I didn't
> ever get details on when and where it happened, but our security
> people were also claiming there really was a case where a hacker
> got off because of the "Welcome" thing.  Anyway, all internal system
> managers were directed to remove anything resembling "Welcome"
> from all logon messages......  Hmmmm..... This sounds like a ?? for
> Eugene...
>
> FWIW, part of our 3000 logon message (system-specific stuff
> deleted) now says:
>
> "Unauthorized access to this U.S.Government computer prohibited
> by Public Law 98-473.   Up to $100,000 fine and / or 20 years."
>
> .... I've been wanting to add "And y'all have a nice day" at the end
> of that;  maybe I'll get bored and do it one of these days.....    ;-)
>
> Ken Sletten
>

--------------------------------------------------------------
John Korb                            email: [log in to unmask]
Innovative Software Solutions, Inc.

The thoughts, comments, and opinions expressed herein are mine
and do not reflect those of my employer(s), or anyone else.
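
An added example, not part of the original message: a small audit that checks logon banner text against the rules described above (no "WELCOME", no brand/model/operating system identification, and a warning, a reporting contact and a monitoring-consent notice present). The function names, the token lists and the second banner are assumptions made for this example.

```python
import re

# Rules from the message above; the token lists are this example's assumptions.
FORBIDDEN = {
    "welcome wording": re.compile(r"\bwelcome\b", re.I),
    "platform identification": re.compile(
        r"\b(hp\s?-?\s?3000|hewlett[- ]packard|mpe)\b", re.I),
}
REQUIRED = {
    "unauthorized-use warning": re.compile(r"\bunauthorized\b", re.I),
    "consent to monitoring": re.compile(r"\bconsent\b.*\bmonitoring\b", re.I | re.S),
    "reporting contact": re.compile(r"\bto report\b.*\bcall\b", re.I | re.S),
}

def catalog_text(entry):
    """Drop the trailing % and & marks that end lines in the EDITOR listing."""
    return "\n".join(l.rstrip().rstrip("%&").rstrip() for l in entry.splitlines())

def audit_banner(text):
    """Return findings: forbidden wording with its line, and missing notices."""
    findings = []
    for name, rx in FORBIDDEN.items():
        for m in rx.finditer(text):
            line_no = text.count("\n", 0, m.start()) + 1
            findings.append(f"line {line_no}: {name}: {m.group(0)!r}")
    for name, rx in REQUIRED.items():
        if not rx.search(text):
            findings.append(f"missing: {name}")
    return findings

# Banner as listed in the message above.
POSTED = """\
******************************* (CDA9) ********************************%
WARNING. UNAUTHORIZED USERS WILL BE PROSECUTED UNDER PUBLIC LAW 98-473.%
 To report unauthorized access call the NETWORK ADPSSO (xxx)-xxx-xxxx.%
Use of this system constitutes consent to security testing & monitoring%
***********************************************************************"""

# Constructed counter-example, not any real system's banner.
CONSTRUCTED_BAD = """\
WELCOME TO THE PAYROLL SYSTEM
HP 3000 running MPE
Unauthorized use prohibited."""

if __name__ == "__main__":
    for label, banner in (("posted", POSTED), ("constructed", CONSTRUCTED_BAD)):
        print(label, audit_banner(catalog_text(banner)) or "OK")
```

The same check can be pointed at application sign-on screens, since the directive covered "ALL logon messages and all applications".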
