Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!pasteur!ucbvax!SDS.SDSC.EDU!gkn From: gkn@SDS.SDSC.EDU (Gerard K. Newman) Newsgroups: comp.protocols.tcp-ip Subject: RE: Virus - did it infect "secure" machines Message-ID: <881107224915.20c01427@Sds.Sdsc.Edu> Date: 7 Nov 88 22:49:15 GMT Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 47 >From: root@sbcs.sunysb.edu (root) >To: tcp-ip@sri-nic.arpa >Subject: Virus - did it infect "secure" machines >Date: 7 Nov 88 13:29:10 GMT >Organization: State University of New York at Stony Brook > >Does anyone know whether the sendmail virus was able to infect >the machines protected by Kerebos? No flames, please, the question >isn't a statement against Kerebos per se; I just wonder whether >clever people will always find ways into "secure" Unix boxes. >What about machines that have met with tempest specs? > > Rick Spanbauer > SUNY/Stony Brook Rick: TEMPEST is a specification for the controlling of electromagentic emissions through which data on a computer system can be compromized. TEMPEST cerfified systems are usually housed in some sort of enclosure (ranging in size from slightly larger than the machine to a computer room) which prevents someone from being able to intercept these emissions and make sense from them. This in and of itself does not make it immune from the kind of virus (worm) which infected the interenet last week. Typically, a TEMPEST certified machine processes classified data. It is ILLEGAL (a federal offense) to have a machine connected to the interenet which contains classified data. Thus, machines which process classified data do not in general have network connections to unclassified networks. If the virus managed to infect a machine which contains classified data then someone (the CSSO in DOE-speak) is not doing their job, and is, as they say in the south, in a heap of trouble. gkn ---------------------------------------- Internet: GKN@SDS.SDSC.EDU Bitnet: GKN@SDSC Span: SDSC::GKN (27.1) MFEnet: GKN@SDS USPS: Gerard K. Newman San Diego Supercomputer Center P.O. Box 85608 San Diego, CA 92138-5608 Phone: 619.534.5076