DHS cyber security lagging

    Date17 Dec 2004
    CategoryGovernment
    8491
    Posted ByJoe Shakespeare
    The U.S. Department of Homeland Security is having some homeland cyber security issues on its systems providing remote access to telecommuters, according to a newly-released report by the DHS Inspector General's office.

    Earlier this year security auditors armed with ISS's Internet Scanner, @stake's L0phtCrack and Sandstorm Enterprises' PhoneSweep 4.0 spent five months probing hosts, attacking passwords and war dialing the Department.

    They found that some of the hosts designed to allow home workers and other trusted users access to DHS networks by modem or over the Internet lacked the authentication measures called for by official NIST guidelines and recommendations by the National Security Agency, like minimum password lengths and password aging.

    Moreover, system patches were not kept up to date, leaving some systems open to known buffer overflows and other exploits. Meanwhile, a war dialing effort against 2,800 DHS phone lines turned up 20 modems that the Department couldn't immediately account for.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"5","type":"x","order":"1","pct":45.45,"resources":[]},{"id":"56","title":"No","votes":"6","type":"x","order":"2","pct":54.55,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.