FYI happy information ------------------------------------------------------ Flemming Videbaek Physics Department Brookhaven National Laboratory tlf: 631-344-4106 fax 631-344-1334 e-mail: videbaek@bnl.gov ----- Original Message ----- From: "White DePace, Susan M" <swd@bnl.gov> To: "Bunce, Gerry M" <bunce@bnl.gov>; "Carroll, Alan S" <acarroll@bnl.gov>; "Chrien, Robert E" <chrien@bnl.gov> Cc: "Ludlam, Thomas W" <ludlam@bnl.gov> Sent: Wednesday, May 02, 2001 9:37 AM Subject: Cyber Security Modification to BNL's Perimeter Defense Network > TO RHIC & AGS USERS > > The following is a message from Tom Throwe regarding the Cyber Security > modification announced yesterday by BNL's Deputy Director, Tom Sheridan. > > BNL Cyber Security will begin to block ICMP and X11 traffic at the BNL > perimeter in anticipation of increased hacker activity (see announcement > below). The impact on users will be that "ping" and "traceroute" to BNL > will fail (blocking of ICMP), and DIRECT X-windows connections will also > fail (blocking X11). Since all users should be connecting to the lab > through the "ssh" program, X-windows connections will not be affected by the > change in the BNL perimeter, since the X11 traffic goes though the ssh > connection itself. If you are using ssh and your X-windows connections fail > after the change, then you should check to make sure that you are not > explicitly setting the $DISPLAY variable. You should let ssh set the > $DISPLAY variable. > > Contact the ITD Helpdesk at https://www.rcf.bnl.gov/new_cts_rcfusers.html if > you have any problems or questions. > > > Susan White-DePace, User Administrator > RHIC & AGS Users' Center > Brookhaven National Laboratory > Building 355A > Upton, NY 11973-5000 > > Phone: (631) 344-7959 > Fax: (631) 344-8686 > Office e-mail: userscenter@bnl.gov > Personal e-mail: swd@bnl.gov > > > -----Original Message----- > From: BNL Media & Communications [mailto:pubaf@bnl.gov] > Sent: Tuesday, May 01, 2001 2:28 PM > To: BNL Labwide Broadcasts > Subject: Cyber Security Modification to BNL's Perimeter Defense Network > > > > This message is being sent to all employees on behalf of Deputy > Laboratory Director Tom Sheridan. Please share this information with > others in your area who do not have access to e-mail. > *** > > The Department of Energy's Computer Incident Advisory Center recently > issued a notice giving DOE facilities a "heads-up" on the likelihood > of increased cyber-attack activity from China. The DOE expects all > Office of Science facilities to take this notice very seriously, and > to review and prepare to respond to any anomalies within our systems > > As numerous media and government sources have reported, political > tensions between the United States and China intensified over the > past several weeks. These sources also said it is likely that > organized groups of Chinese hackers will target networks - > specifically government and military ones - in the United States, > beginning on May 1 and continuing through May 7. The attacks are > expected to peak on May 4, Chinese Youth Day - a national holiday. > > BNL's Intrusion Detection System already has seen an increase in > attacks by hackers from China. There have been vulnerability scans > and attempts to compromise servers using the known vulnerabilities > associated with the ports/services currently open via our firewall. > To deal with this immediate concern, on May 1, 2001, Information > Technology Division's (ITD's) Cyber Security Operations will block > two types of Internet traffic at the perimeter firewall: Internet > Control Message Protocol (ICMP) and X Windows System (X11). The > Cyber Security Advisory Council has reviewed and approved this > action. > > ITD does not anticipate that you will experience any significant > problems whatsoever due to the blocking of this traffic. However, if > you experience any problems, please call the Help Desk at Ext. 5522. > -- > > ************************************** > BNL Media & Communications > pubaf@bnl.gov > 631-344-3174 or 2345 * Fax 631-344-3368 > Brookhaven National Laboratory > Bldg. 134 PO Box 5000 > Upton NY 11973 > www.bnl.gov > > ************************************** >
This archive was generated by hypermail 2b29 : Wed May 02 2001 - 10:01:37 EDT