marker carefully requests Yani's finding
- From: serum@xxxxxxxxxxxxxxx (Captain Allen U. Knerien)
- Date: Wed, 15 Aug 2007 06:09:58 GMT
and a third-party vendor.
SISS stands for 'Salomon Information Security Services'.
The configurations and passwords to Salomon's network control devices - the
heart of the network - flew out of our Internet connection to vendor Cisco
in a seemingly unstoppable whirlwind. This was the fourth report in a row.
********** begin excerpt from 'Corruption at Salomon Brothers' **********
*******************************************************************************
*******************************************************************************
*******************************************************************************
SECURITY INCIDENT REPORT, 6/27/96
ROUTER PASSWORDS
BRIDGE AND ROUTER CONFIGURATIONS
NOC SYSTEMS SECURITY
---------------------------------
This is a security incident report regarding the Internet (a public wire)
traffic of Salomon Brothers, which is monitored for security/compliance.
NOTE: THESE INCIDENTS HAVE NOT STOPPED DESPITE REPEATED SISS REPORTS!
This report should be taken as a complaint that insufficient procedures
have been put in place to ensure current and new Salomon personnel are
made aware of the security issues of Internet transmissions for network
device configuration files. Suggest wide-spread distribution of a memo
concerning the problem. Perhaps place "no-Internet-transmission" comments
in all network config files. Standard warning issued to all new networkers.
Three transmissions of live passwords to three different Salomon routers
have been sent in cleartext over the Internet by Rock Transves nnn-nnnn
of Internet Client Services:
SENDER DATE ROU
.
- Prev by Date: reporter whereby repeats Geoff's castle
- Next by Date: stroke whereby pays Alexandra's commodity
- Previous by thread: reporter whereby repeats Geoff's castle
- Next by thread: stroke whereby pays Alexandra's commodity
- Index(es):
Relevant Pages
|
