From: fergp@sytex.com (Paul Ferguson)
To: cypherpunks@toad.com
Message Hash: 16ec9c702eec5f1ce064ed3170909a3718f456cbf39268028243ca87af47e301
Message ID: <9TJX8B1w165w@sytex.com>
Reply To: N/A
UTC Datetime: 1993-08-07 21:49:06 UTC
Raw Date: Sat, 7 Aug 93 14:49:06 PDT
From: fergp@sytex.com (Paul Ferguson)
Date: Sat, 7 Aug 93 14:49:06 PDT
To: cypherpunks@toad.com
Subject: NIST contact information
Message-ID: <9TJX8B1w165w@sytex.com>
MIME-Version: 1.0
Content-Type: text/plain
For anyone interested, this text was excerpted from the Computer
Systems Laboratory (CSL) Bulletin for July 1993, entitled, "Connecting
to the Internet: Security Considerations." Ironically, one paragraph
specifically states the admitted security concerns for unencrypted
traffic:
"Ease of Spying and Spoofing: The vast majority of Internet traffic
is unencrypted and therefore easily readable. As a result, e-mail,
passwords, and file transfers can be monitored and captured using
readily available software. Intruders have been known to monitor
connections to well-known Internet sites for the purpose of gaining
information that would allow them to crack security or to steal
valuable information. This information sometimes permits intruders
to spoof legitimate connections, i.e., trick system security into
permitting normally disallowed network connections."
Surprisingly, the article also acknowledges the mind-boggling growth
of the Internet in a statement that says, "Consequently, the Internet
is now growing faster than any telecommunications system thus far,
including the telephone system." With that in mind, the "key-ecrow"
system is, in my opinion, just the beginning in a systemmatic
approach which I believe the NSA and the Justice Department will
attempt to entrench in their ever-elusive "War on Drugs" (WoD), etc.
This may become even more sinister in that the RICO statutes may
empower them with the ability to effectively eavesdrop at will,
monitoring voice and data communications in the shadows.
This file is on the NIST's publicly available system as
JUL93BLT.TXT. Other reports, announcements and bulletins are available
on their system which may be of interest to you. Information about how
to connect to the system is included below:
"NIST maintains a computer security bulletin board system (BBS)
and Internet-accessible site for computer security information open
to the public at all times. These resources provide information on
computer security publications, CSL Bulletins, alert notices,
information about viruses and anti-virus tools, a security events
calendar, and sources for more information.
To access the BBS, you need a computer with communications
capability and a modem. For modems at 2400 bits per second (BPS)
or less, dial (301) 948-5717. For 9600 BPS, dial (301) 948-5140.
Modem settings for all speeds are 8 data bits, no parity, 1 stop
bit.
Internet users with telnet or ftp capability may telnet to the BBS
at cs-bbs.nist.gov (129.6.54.30). To download files, users need to
use ftp as follows: ftp to csrc.nist.gov (129.6.54.11), log into
account anonymous, use your Internet address as the password, and
locate files in directory pub; an index of all files is available
for download. For users with Internet-accessible e-mail
capability, send e-mail to docserver@csrc.nist.gov with the
following message: send filename, where filename is the name of
the file you wish to retrieve. send index will return an index of
available files."
Paul Ferguson | "Government, even in its best state,
Network Integrator | is but a necessary evil; in its worst
Centreville, Virginia USA | state, an intolerable one."
fergp@sytex.com | - Thomas Paine, Common Sense
Type bits/keyID Date User ID
pub 1024/1CC04D 1993/03/15 Paul Ferguson <fergp@sytex.com>
Key fingerprint = EE D2 93 7D 04 6D C6 05 AC 36 AD 9D 8E 4F 41 58
Return to August 1993
Return to “fergp@sytex.com (Paul Ferguson)”
1993-08-07 (Sat, 7 Aug 93 14:49:06 PDT) - NIST contact information - fergp@sytex.com (Paul Ferguson)