home *** CD-ROM | disk | FTP | other *** search
- Arpa Network Working Group Bob Metcalfe (PARC-MAXC)
- Request for Comments: 602 Dec 1973
- NIC #21021
-
-
-
- "The Stockings Were Hung by the Chimney with Care"
-
-
- The ARPA Computer Network is susceptible to security violations for at least
- the three following reasons:
-
- (1) Individual sites, used to physical limitations on machine access, have
- not yet taken sufficient precautions toward securing their systems
- against unauthorized remote use. For example, many people still use
- passwords which are easy to guess: their fist names, their initials,
- their host name spelled backwards, a string of characters which are
- easy to type in sequence (e.g. ZXCVBNM).
-
- (2) The TIP allows access to the ARPANET to a much wider audience than
- is thought or intended. TIP phone numbers are posted, like those
- scribbled hastily on the walls of phone booths and men's rooms. The
- TIP required no user identification before giving service. Thus,
- many people, including those who used to spend their time ripping off
- Ma Bell, get access to our stockings in a most anonymous way.
-
- (3) There is lingering affection for the challenge of breaking
- someone's system. This affection lingers despite the fact that
- everyone knows that it's easy to break systems, even easier to
- crash them.
-
- All of this would be quite humorous and cause for raucous eye
- winking and elbow nudging, if it weren't for the fact that in
- recent weeks at least two major serving hosts were crashed
- under suspicious circumstances by people who knew what they
- were risking; on yet a third system, the system wheel password
- was compromised -- by two high school students in Los Angeles
- no less.
-
- We suspect that the number of dangerous security violations is
- larger than any of us know is growing. You are advised
- not to sit "in hope that Saint Nicholas would soon be there".
-
-
-
- RMV:rmv
-
-
