|
Call it what you want - We own your dumb ass
The w0rd is everywere like a virus People know what we are doing. People know what are our motives, but there are things that doesnīt want people to know. We have some inf0 about whatīs happening and we will make it public because we must show who FBI really is and who is helping them. Consider this as their little secretes which arenīt so secret. FBI isnīt aware of what we really are capable, although they seem to be pretty interested on us. On this advisory you will see that they are asking to the admins to protect themselves from an eventual attack. National Infrastructure Protection center is the agencie responsable for this advisoryīs that only some gov departments and ISPīs have access. There can be people who are aware of all this but we like all people to know. Read it and cry for more
... m1crochip / in0de
Date: Tue, 08 Jun 1999 08:18:10 -0700 From: Rick Haidle <rhaidle@leo.gov> To: secret source Subject: ANSIR Email Advisory 6/8/99
The current FBI Los Angeles email advisory is transmitted to you for your use as deemed appropriate. Because of the varied email and word processing formats that exist, two versions of this communication are sent to each recipient. The first version is a text only email with no attachments. The second version includes the complete text of the advisory within the body of the communication, but also includes attachments. The attachments are in Word Perfect and Microsoft Word formats. The content of both attachments are identical, and include a graphic of the FBI Seal. The attachments are more suitable for duplication and distribution to Executives and other decision makers, or as a part of a security newsletter, training package, or other informational purpose.
Any questions may be directed to Special Agent Richard Haidle, FBI Los Angeles Awareness of National Security Issues and Response (ANSIR) Coordinator, at 310-996-3557 (Voice), or 800-734-1288 (Fax, only good for calls within California), or by email to rhaidle@leo.gov .
THE CURRENT ADVISORY FOLLOWS:
ANSIR Email -- NIPC Hacker Advisory (99-010)
National Infrastructure Protection Center (NIPC) Well-publicized Hacker Activity Against U.S. Government Sites (NIPC warning 99-010)
Ref: NIPC information system advisory 99-008 (11 May 99) This Awareness of National Security Issues and Response (ANSIR) communication is intended for corporate security professionals and others who have requested to receive unclassified national security advisories. This communication is not a press release and should not be furnished to those who are not direct recipients of ANSIR Program disseminations or republished in any public format without specific authorization from the National ANSIR Program at FBIHQ. Media requests should be directed to the local FBI field office media representative.
The purpose of this advisory is to summarize recent, well-publicized hacker activity against U.S. Government sites and provide an assessment and recommendations.
On 26 May, the FBI Dallas office executed numerous simultaneous search warrants. Some of the individuals included in the searches were from the hacker group Global Hell. Allegedly because of these searches, persons claiming to be members of the group took credit for a subsequent denial of service attack on the FBI web site (hosted by IBM Global Networks). The U.S. Senate web site was also reportedly hacked in response to the FBI searches by the hacker group Masters of Downloading. Over the Memorial Day weekend, public reports of additional searches involving Global Hell members were followed by additional web page hacks including the Department of Interior (claimed by Global Hell) and the Department of Energy's Idaho National Engineering and Environmental Laboratory (claimed by F0RPAXE).
The reference message identifies the Portuguese hacker group F0RPAXE and their initial activity over the past six weeks. In addition to the DOE Idaho laboratory, F0RPAXE has claimed responsibility (on attrition.org) for dozens of additional web page hacks over the past few days of various commercial and public sites. These claims are uncorroborated and inconsistent with their prior U.S. Government and military web page hacking over the past six weeks. Unlike before, this weekend's hacking suggests the use of automated tools, and the language in their weekend statement reflects more hacker support than a Portuguese protest agenda. There is little direct evidence that F0RPAXE is really or strictly a Portuguese-associated group.
Ongoing investigations of this recent hacker activity may involve individuals both in the United States and overseas which highlights the lack of political and geographic boundaries in cyber space. This recent hacker activity may continue and may include a protest of and/or response to an expected June sentencing of Kevin Mitnick. The techniques used in all the attacks are well- known denial of service exploits, including cold fusion, automated access or Smurf attacks, and website vandalism involving intrusion into the website server.
Recommendations: NIPC suggests that recipients consider the following actions to protect information systems and networks: System and network administrators should examine their systems for intrusion exploits and report them as appropriate. These exploits could include intrusions originating or passing through dial-up connections belonging to foreign Internet service providers, unauthorized system access, unusual or disruptive E-mail traffic or web site activity, etc. System administrators should also evaluate the presence and effectiveness of computer security procedures required by their organization. These include network intrusion detection, blocking or limiting unnecessary inbound traffic, regular review of system logs, disabling inactive user accounts, password and login ID changes, ensuring recommended patches are in place (almost all of the intrusions observed to date utilized exploits with publicly available patches), and similar actions.
NIPC encourages affected sites to retain as much relevant log information as possible, while re- establishing their web presence as quickly as organizational judgment and requirements suggest. Recipients are asked to report suspicious activity to your local FBI field office ANSIR or NIPC Coordinator and to your own organizational computer emergency response group, as appropriate. The NIPC can be located at Internet web site: www.nipc.gov.
The Los Angeles office of the Federal Bureau of Investigation is located at 11000 Wilshire Boulevard, Los Angeles, CA 90024. The telephone number is 310-477-6565. The FBI Los Angeles Awareness of National Security Issues and Response (ANSIR) Coordinator is Special Agent Richard Haidle. Special Agent Haidle may be contacted at 310-996-3557 (voice), 800-734-1288 (fax), or rhaidle@leo.gov (email). If you are aware of individuals that would be interested in receiving future advisories, or would like to add others within your organization to the list of recipients, please forward the following information:
Recipients Name Email Address Company/Organization Name Postal Address Voice Number Fax Number
SA Haidle is also available to give presentations on various National Security related issues to appropriate audiences. Presentations are not classified, and will focus primarily on Economic Espionage and Theft of Trade Secrets or Proprietary Information.
-----BEGIN PGP SIGNATURE----- Version: 2.6.2
iQCVAwUBN10mjc2OVDpaKXD9AQGZdQP/b2C2tDrQvc15xAG/DhzSjmWNWC4RlrQn I5E7VsxqrmC4E+5IDWCtEulsnXN3W92zpAqkUNNUogjwbMnkRq1nKsanh+30vbiH lzX5z7XwxQcqlgJpGXZWwXtSI2zr4W7Dpu4oI05hy3V2RXyDRTCvWvI/HhqCzUR3 Ou7E7BGiO9I= =aeSH -----END PGP SIGNATURE-----
|
|