________ _________ _________ ___ _________ _______ _________ _________ _________ _________ ___ _________ _________ _________ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ _______ ___ ___ ___ ___ _______ ___ ________ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ _________ _________ ___ _________ _________ _________ ___ ________ _________ ___ _________ _________ _______ ___ / › VOLUME 3 NUMBER 8 JANUARY 8, 1986 / › A weekly list of file servers, conference machines and electronic magazines / › +---------------------------------------------------------------------------+ ³Please send additions, deletions and requests to get on the mailing list to³ ³ Chris Condon, BITLIB@YALEVMX ³ +---------------------------------------------------------------------------+ +---------------------------------------------------------------------------+ ³ Active file servers: ³ +---------------------------------------------------------------------------+ BITSERVE @ CUNYVM - City University of New York CANSERVE @ CANADA01 - University of Guelph CSNEWS @ MAINE - University of Maine FORUM @ BITNIC - Bitnet Support Center KERMSRV @ CUVMA - Kermit Users Server, Columbia University LFCNET @ ICNUCEVM - National University Computer Center - Pisa MACSERVE @ BITNIC - Macintosh Users Server, Bitnet Support Center NICSERVE @ BITNIC - Bitnet Support Center NYSHARE @ WEIZMANN - Weizmann Institute of Science SERVER @ TAMCBA - Texas A & M College of Business Administration SERVER @ UOGUELPH - University of Guelph VMBBOARD @ WEIZMANN - Weizmann Institute of Science +---------------------------------------------------------------------------+ ³ Active NETSERV file servers: ³ +---------------------------------------------------------------------------+ NETSERV @ AEARN - Austria EARN - Linz NETSERV @ BITNIC - Bitnet Support Center NETSERV @ CEARN - Centre Europeen de Recherche Nucleaire NETSERV @ DEARN - German central node of EARN - Darmstadt NETSERV @ EARNET - IBM SC - Roma NETSERV @ EB0UB011 - Universidad de Barcelona NETSERV @ FRMOP11 - CNUSC, Montpellier NETSERV @ GREARN - Research Center of Crete - Heraklion NETSERV @ HEARN - Katholieke Universiteit Nijmegen NETSERV @ IRLEARN - University College - Dublin NETSERV @ ISRAEARN - IBM Israel SC - Haifa NETSERV @ SEARN - Sweden EARN - Stockholm NETSERV @ UKACRL - Rutherford Appleton Laboratory - UK EARN +---------------------------------------------------------------------------+ ³ Active database servers: ³ +---------------------------------------------------------------------------+ DATABASE @ BITNIC - Bitnet Information Center +--------------------------------------------------------------------------+ ³ Active name servers: ³ +--------------------------------------------------------------------------+ BITSERVE @ CUNYVM - City University of New York CSNEWS @ MAINE - University of Maine FINGER @ CUVMA - Columbia University LOOKUP @ RITVAXC - Rochester Institute of Technology LOOKUP @ RITVAXD - Rochester Institute of Technology VMNAMES @ WEIZMANN - Weizmann Institute of Science +--------------------------------------------------------------------------+ ³ Active conference machines: ³ +--------------------------------------------------------------------------+ CERITOR @ TECHNION - Technion - Haifa FORUM @ BITNIC - Bitnet Support Center SERVER @ TAMCBA - Texas A & M College of Business Administration +--------------------------------------------------------------------------+ ³ The Relay conference machine network: ³ +--------------------------------------------------------------------------+ BASTILLE @ UIUCVMC - University of Illinois CSCML @ CCNYVME - City College of New York CXBOB @ ASUACAD - Arizona State University DSCAWAC @ CFRVM - Central Florida Regional Data Center ENE11S @ DE0HRZ1A - Universitaet Essen K242804 @ CZHRZU1A - Zurich University NETRELAY @ FRECP11 - Ecole Centrale de Paris PSUG @ VPIVM2 - Virginia Polytechnic Institute and State University RELAY @ AEARN - Austrian EARN node at Linz RELAY @ BITNIC - Bitnet Support Center RELAY @ CEARN - Centre Europeen de Recherche Nucleaire RELAY @ CLVM - Clarkson University RELAY @ DEARN - German central node of EARN at Darmstadt RELAY @ DKTC11 - Copenhagen Technical College RELAY @ HEARN - Katholieke Universiteit Nijmegen RELAY @ ISRAEARN - IBM Israel SC - Haifa RELAY @ JPNSUT10 - Science University of Tokyo RELAY @ NCSUVM - North Carolina State University RELAY @ NDSUVM1 - North Dakota State University RELAY @ PURCCVM - Purdue University RELAY @ TCSVM - Tulane University RELAY @ UREGINA1 - University of Regina RELAY @ UTCVM - University of Tennessee - Chattanooga RELAY @ YALEVM - Yale University Computer Center RELAY @ YALEVMX - Yale University Computer Center ZJD012 @ DMSWWU1A - Uni Muenster 8350428 @ UWAVM - University of Washington +--------------------------------------------------------------------------+ ³ Electronic magazines: ³ ³ Mailing list information is included in each magazine. ³ +--------------------------------------------------------------------------+ CLUB - Back issues available from FORUM@BITNIC CRTNET - Back issues available from LFCNET@ICNUCEVM BITLIST - Latest issue is stored on NETSERV as BITNET SERVERS FSFNET - Back issues available from CSDAVE@MAINE & SERVER@TAMCBA NUTWORKS - Back issues available from FORUM@BITNIC & CSNEWS@MAINE REXXyymm FORUM - Back issues available from LFCNET@ICNUCEVM VM/COM - Back issues available from CSNEWS@MAINE +--------------------------------------------------------------------------+ ³ >>>B I T N O T E S>>> ³ +--------------------------------------------------------------------------+ Dead, risen, dead again... ...and permanently this time. MAS@CORNELLC, the Relay that was shut down, and then restarted, (giving me terrible headaches and the readers huge belly laughs) had been put to rest forever. this is no laughing matter, however. Witness the following message intercepted for me by Kevin Adams and Andrew Derbyshire: "The Cornell Relay has been shut down forever due to the misuse of BITNET by some hackers in West Germany who discussed their trade on the Relay. It is Cornell's desire to not be associated with the Relay system in the future. To find out which node will now be servicing your site, type /SERV at any Relay. If the response is still MAS@CORNELLC then you'll have to wait until the Operator for that Relay gets an updated version. I would think that by Thursday everything will be corrected." A more detailed explanation was sent to me by Mark Sincock, the man that ran MAS@CORNELLC. The letter was written by Greg Chartrand, Network manager at Fermilab: "Over the last several months, Fermilab and other high energy physics laboratories have been the targets of computer hackers in West Germany. These hackers are members of an organized club called the Chaos Computer Club (CCC) which claims to have up to 50 members. A few of these hackers managed to break into Fermilab (and other HEP sites) by accessing our systems through Tymnet. They broke into accounts by attempting easy passwords; passwords having the same as username, the user's personal name and , system default passwords for maintenance and systems accounts. In the latter case at a HEP site, considerable system damage was done by breaking into a maintenance account. If nothing else, this note should serve as a warning for those of you who have not bothered to check for "easy-to-guess" passwords. "The reason this note is going out to Bitnet contacts is that I discovered a very strong link between hacking into accounts and Bitnet chatting. Our particular hackers learned of valid usernames by using RSCS Names and JNET Finger commands. Once valid usernames were known, the hackers only needed to attempt passwords on these accounts. In our case, we decided that we would contain our hackers within an account they managed to penetrate and observe their activities. We felt it would be better for us to contain the hackers until we "plugged the leaks" in other accounts and systems. "Our observations of our hackers revealed that they were mostly interested in Bitnet Chatting activities. We learned that there is an underground group of Bitnauts that have managed to break into accounts on systems throughout the US and Europe. They use these accounts to mostly communicate amongst their peers. By checking file activity in and out of the account they penetrated at Fermilab, we have discovered many of these other accounts. "While researching the activities of the hackers, I have also monitored the chatting activity that takes place on the various Relays that exist. I have been told that these Relays have been set up so that the Bitnaut activity could be controlled and monitored instead of having it occur randomly throughout the network. I have also observed the chatting activities have brought the network to its knees at times for extended periods of time. "The question I now pose: Is the chatting activity that has been taking place a valid activity of Bitnet? I have been told that chatting per se is not part of this network's charter. I have also been told that this is a network of Universities, and chatting is a natural healthy extension of a student's computer activities. "At Fermilab, we use Bitnet to allow communications to and from universities for the purpose of high energy physics research. Bitnet is the only means of communications for some of the smaller universities. Fermilab management is concerned about security of our systems and the apparent relationship of chatting and hacking..." I do not agree with everything said in that note, but one point does stand out. That is, a certain element exists in BITNET that plain, outright, abuses their privledge to use the network. The actions of a few can have disastrous results, as the fate of MAS@CORNELLC shows. It was not the intention of the hackers to shut down MAS, they did not overload it with messages or request several hundred files from a server and bog down the network. Nontheless, their blatantly irresponsible actions have caused an immediate reactionary response on the part of Cornell administrators. Don't try to tell me that the Cornell administrators overeacted or didn't understand the situation. Whether we agree with their actions is irrellevant. The damage has been done, and these are the rules we have to play by. Where there's smoke, there's fire. Virtually; Chris (Fuzzyman) +--------------------------------------------------------------------------+ ³ An ongoing request: ³ ³ If the BITLIST is stored on a public disk at your institution, ³ ³ please send me a note with the node and name of your university. ³ ³ Thank you. ³ +--------------------------------------------------------------------------+