Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] DOD removes missile defense system report from Web site

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] DOD removes missile defense system report from Web site
Date: Tue, 21 Mar 2006 03:12:14 -0600 (CST) 
http://www.fcw.com/article92668-03-20-06-Web

By Bob Brewin
Mar. 20, 2006

The Defense Department has removed from the DOD inspector general's
Web site a critical report that states that the network that links
radar systems, missile sites and command centers for the Missile
Defense Agency's (MDA) ground-based defense system has serious flaws
in the security technologies, policies and procedures needed to
protect the integrity, availability and confidentiality of information
on the network.

Federal Computer Week published a Web article [1] March 16 and a
follow-up print article [2] today about the report, which states that
MDA and Boeing, the prime contractor for the Ground-based Midcourse
Defense (GMD) system and the GMD Communications Network (GCN) have
allowed the use of group passwords on the unencrypted portion of the
GCN rather than requiring individual passwords.

The report also faults MDA and Boeing for the lack of automated audit
trails -- essential to catch inside or outside threats -- on the
network.

The report, "Select Controls for the Information Security of the
Ground-based Midcourse Defense Communications Network," vanished from
the DOD IG audit report this past weekend.

A DOD spokesman said he was working on getting an explanation from the
IG office on why the report was removed from the Web site, but he said
he was not optimistic about getting back to FCW today. An MDA
spokesman did not return calls from FCW asking for an explanation.

MDA is holding its annual conference today in Washington, D.C., at the
Ronald Reagan Building and International Trade Center, named after the
president who first advocated a missile defense system nicknamed "Star
Wars" to counter perceived missile threats from the now-defunct Soviet
Union.

FCW saved a digital version of the DOD IGN report [1] on the security
flaws in the GCN system and posted the report on its Web site.

[1] http://www.fcw.com/article92640-03-16-06-Web
[2] http://www.fcw.com/article92665-03-20-06-Print
[3] http://www.fcw.com/images/st_images/MDADODIGReport.pdf



_________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] DOD removes missile defense system report from Web site, InfoSec News <=
Previous by Date:  [ISN] Users of SELinux now have a choice on security, InfoSec News
Next by Date:  [ISN] Linux Security Week - March 20th 2006, InfoSec News
Previous by Thread:  [ISN] Users of SELinux now have a choice on security, InfoSec News
Next by Thread:  [ISN] Linux Security Week - March 20th 2006, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]