Linux-kernel: Linux connectivity trashed.

Subject: Linux connectivity trashed.
Date: Thu, 29 Mar 2001 08:34:06 -0500
From: "Richard B. Johnson" <root@quark.analogic.com>
To: <linux-kernel@vger.kernel.org>


This is for information only.

Last week a standard RH distribution of Linux was rooted from what looks like a Russian
invasion. The penetration used the method taught in the  CERT Advisory CA-2000-17.

The intruder(s) then attempted to perform additional penetrations from this site. One of
the sites attacked was alleged to be Raytheon. Raytheon makes products for national
security such as guided missiles.

I was told that Raytheon is now suing this company.  Therefore all Linux machines are
being denied access to the Internet.

The penetration occurred because somebody changed our firewall configuration so that all
of the non-DHCP addresses, i.e., all the real IP addresses had complete connectivity to
the outside world. This meant that every Linux and Sun Workstation in this facility was
exposed to tampering from anywhere in the world. This appears to be part of a plan to
remove all non-DHCP machines by getting them trashed.  In other words, we were set up to
take a hard fall because no machine that allows NFS mounts can be safely exposed to the
outside world without blocking portmap.

There is a concerted effort to eliminate both Sun Workstations and Linux machines as tools
in this facility. This happens as the "yuppies", who have never, ever, contributed to
product development are Peter-Principled into positions of authority.



So, now I hooked up my lap-top, installed Windows.... and here I am.  Only windows
machines are allowed to access the outside world.


Cheers,

Richard B. Johnson 
Formally root@chaos.analogic.com