中文部分由 阿新(Seraph Chutium) http://com.6to23.com/ 补充
This year, the current network has been breached by hackers, computer worms and viruses. In April, government Web sites were manipulated by Chinese hackers angered by the death of a Chinese pilot in a collision with an American spy plane. 这段话看了比较欣慰！ The system was also roughed up by the "Code Red" computer worm and an attack program called "ILoveYou." The viruses affected thousands of government computers. （先贴到这里，大家先看看）文章的后面 Kurtz 说即使有这样的网络，攻击或病毒仍然可以通过软盘和可信任的内部系统中传播。一位现在美国国防部的信息安全项目主管(information-security program director at the Defense Department 不知道是不是这个意思)说，要想在internet上完全阻止一个经验丰富的黑客或者设计精巧的病毒是几乎不可能的。
U.S. Seeks to Build Secure Online Network
Telecom Firms Asked for Help in Constructing Private 'Govnet' System
By Krissah Williams
Washington Post Staff Writer
Thursday, October 11, 2001; Page A10
The government's new cyber-security officials yesterday asked telecommunications companies for help building a government computer network that would have "no risk of outside penetration" -- a task some computer security consultants say is nearly impossible.
Plans for the private network, called Govnet, hinge on whether a reliable network infrastructure can be built at an affordable price, officials said. Computer system consultants said they could not estimate how much the network would cost because of the government's enormous size and security needs.
Richard Clarke, who was appointed special adviser to the president for cyberspace security this week, said he believes a more reliable system can be built. Ninety percent of available fiber-optic space is unused and fairly inexpensive to obtain, he said.
Govnet is part of a plan Clarke announced earlier this week "to secure our cyberspace from a range of possible threats, from hackers to criminals to terrorist groups, to foreign nations, which might use cyber-war against us in the future." Govnet would be completely independent from the Internet to help keep out hackers and viruses, according to the government's plan.
The request from the General Services Administration asks that telecommunications companies submit proposals about how the network could be built, how much it would cost, and how long it would take to construct.
"Based upon that we will make a decision. We're waiting to hear from industry right now," Clarke said.
This year, the current network has been breached by hackers, computer worms and viruses. In April, government Web sites were manipulated by Chinese hackers angered by the death of a Chinese pilot in a collision with an American spy plane. The system was also roughed up by the "Code Red" computer worm and an attack program called "ILoveYou." The viruses affected thousands of government computers.
Last year a report by the General Accounting Office, an internal government watchdog, found weaknesses in the computer network that could allow terrorists or hackers to "severly damage or disrupt national defense or vital public operations or steal sensitive data."
Clarke said the government's current virtual private network is vulnerable to viruses and denial of service attacks that Govnet would make more difficult to execute.
George Kurtz, co-author of "Hacking Exposed" and chief executive of security consulting firm Foundstone Inc., said such a network is feasible but would be costly and difficult to build. It is impossible to stave off all attacks, he said.
"The gist of this entire effort is to try to segment critical government computer systems from the rest of the Internet," Kurtz said. "You can't guarantee against these sort of attacks. There is always going to be a flaw with software, a flaw with hardware or the human element."
Even on Govnet, viruses and attacks could still be spread by floppy disks or connections with trusted systems, Kurtz said.
An internal network, such as the Govnet proposal, is worth investigating but will probably fall to sophisticated hackers, said Amit Yoran, chief executive of security-services company Riptech Inc. and a former information-security program director at the Defense Department.
"It is probably more feasible to implement and strongly enforce global security postures and practices rather than go out and purchase new assets," Yoran said. "Once someone is able to get in, they will find a weak link. When you have a network the size of the government's there will be weak links. Someone will get in."
下面是名为"m4chine"的fucktelus.com组织成员写的一份深入分析。 主要介绍了它的目的、由来、拨号码前缀和最后作者做出的结论。 至于那个“News Article Pertaining to GOVnet”就是上面那篇华盛顿邮报的文章。 ==> 'An Insightful Look at the GOVnet Network' <== ==> By: m4chine ==> Date: 10/12/01 ==> E-mail: email@example.com - Description indeX => -> Introduction -> GOVnet's Purpose -> GOVnet's Origin -> Dial-In Prefixes -> News Article Pertaining to GOVnet -> Conclusion <=> Introduction - GOVnet is the name given to the network infrastructure which serves government offices in Montpelier and Waterbury as well as district offices in twelve cities and towns statewide. In the near future the Whitehouse and the DOD will be adopting this network for nation-wide usage. The physical backbone consists of fiber optic cable connecting state buildings on the Montpelier and Waterbury campuses as well as high-bandwidth digital circuits connecting district offices statewide. The wide-area backbone is divided into OSPF regions with at least one alternative route for each link. From the backbone nodes, 56 Kbps backfeeds serve other government offices, schools, and libraries statewide. In addition there are dial-in sites located in every local calling area of the state facilitating network access with a local phone call from any school or library in the state that elects to have dial-in access. SLIP and PPP access, as well as VT100 access, are supported on a dial-in basis. The network uses the "open" non-proprietary TCP/IP communications protocol which permits connectivity throughout the state, the nation and the world. Network services include Internet access, government-wide e-mail, and WWW access to government. -- GOVnet's Purpose - GOVnet was implemented to meet the twofold network challenge of improved access with reduced costs. The network provides for complete inter-agency and inter-departmental information access through a single system serving all agencies on a cooperative basis. This eliminates the need for each agency or department to provide redundant networks involving duplicate costs. -- GOVnet's Origin - The Vermont Information Strategy Plan (VISP) identified the requirement for information sharing and networking in two of the critical success factors associated with its objectives. The Information Systems Advisory Council (ISAC), which was created by VISP (now called IRMAC), was commissioned by the Telecommun- ication Ten-Year Plan to form a network subcommittee to "develop a plan to integrate network services where such sharing is valuable for information sharing among government agencies (and) where it is designed and implemented with the participation and unanimous approval of ISAC." For a detailed analysis of GOVnet, including a chronology, see the Legislative Joint Fiscal Office's GOVnet. -- Dial-In Prefixes - The list below shows the local dial-in site(s) serving each telephone exchange in the State. For the telephone number of a specific GOVnet dial-in site, wardial the motherfuckin' prefix or social engineer the technology coordinator of the department. Dial-In Sites by Telephone Exchange Telephone Exchange Dial-In Site(s): 222 (Bradford) Bradford 223 (Montpelier) Montpelier, Morrisville 226 (Proctor) Springfield 228 (Ludlow) South Londonderry 229 (Montpelier) Montpelier, Morrisville 234 (Bethel) Randolph, Rutland, Woodstock 235 (Middle Town Springs) Rutland, Wells 241, 244 (Waterbury) Montpelier 247 (Brandon) Middlebury, Rutland 253 (Stowe) Montpelier, Morrisville 254, 257, 258 (Brattleboro) Brattleboro 259 (Mount Holly) Rutland, South Londonderry 263 (Perkinsville) Springfield 265 (Fair Haven) Rutland 266 (Canaan) Canaan 273 (Hubbardton) Rutland 276 (Brookfield) Montpelier, Randolph 277 (Lemington) Canaan 285 (Franklin) St. Albans 287 (Poultney) Rutland, Wells 291 (White River Junction) White River Junction, Woodstock 293 (Danby) Rutland, South Londonderry 295, 296 (White River Junction) White River Junction, Woodstock 325 (Pawlet) Rutland, Wells 326 (Montgomery) St. Albans 328 (Guildhall) Island Pond 333 (Fairlee) Bradford 334 (Newport) Newport 348 (Williamsville) Brattleboro 352 (Salisbury) Middlebury 362 (Manchester) Bennington, South Londonderry 365 (Newfane) Brattleboro 368 (Jacksonville) Brattleboro 371 (Montpelier) Montpelier, Morrisville 372 (Grand Isle) Burlington, St. Albans 375 (Arlington) Bennington, Londonderry 387 (Putney) Brattleboro 388 (Middlebury) Middlebury 394 (Rupert) Bennington, Wells 422 (Sherburne) Rutland, Woodstock 423 (Readsboro) Bennington 425 (Charlotte) Burlington 426 (Marshfield) Montpelier 429 (West Newbury) Bradford 433 (Williamstown) Montpelier, Randolph 434 (Richmond) Burlington 436 (Hartland) White River Junction, Woodstock 438 (West Rutland) Rutland 439 (East Corinth) Bradford 442 (Bennington) Bennington 446 (Wallingford) Rutland 447 (Bennington) Bennington 453 (Bristol) Middlebury 454 (Plainfield) Montpelier 456 (East Calais) Montpelier, Morrisville 457 (Woodstock) White River Junction, Woodstock 459 (Proctor) Rutland 462 (Cornwall) Middlebury 463 (Bellows Falls) Bellows Falls, Springfield 464 (Wilmington) Bennington, Brattleboro 467 (West Burke) Island Pond, St. Johnsbury 468 (Castleton) Rutland 472 (Hardwick) Montpelier, Morrisville, St. Johnsbury 475 (Panton) Middlebury 476, 479 (Barre) Montpelier 482 (Hinesburg) Burlington 483 (Pittsford) Rutland 484 (Reading) Woodstock 485 (Northfield) Montpelier, Randolph 492 (Cuttingsville) Rutland 496 (Waitsfield) Middlebury, Montpelier, Randolph 524 (St. Albans) St. Albans 525 (Barton) Island Pond, Newport 527 (St. Albans) St. Albans 533 (Greensboro) Morrisville, St. Johnsbury 537 (Benson) Rutland 545 (Weybridge) Middlebury 546 (Weathersfield) Springfield 563 (Cabot) Montpelier, St. Johnsbury 583 (Waitsfield) Middlebury, Montpelier, Randolph 584 (Groton) Bradford 586 (Craftsbury) Morrisville 586 (Greensboro) Morrisville, St. Johnsbury 592 (Peacham) St. Johnsbury 623 (Whiting) Middlebury 626 (Lyndonville) St. Johnsbury 633 (Barnet) St. Johnsbury 635 (Johnson) Morrisville 644 (Jeffersonville) Morrisville 645 (Wells) Wells 649 (Norwich) White River Junction, Woodstock 651, 654, 655, 656, 657, 658, 660 (Burlington) Burlington 672 (Bridgewater) Woodstock 674 (Windsor) Springfield, White River Junction, Woodstock 676 (Maidstone) Island Pond 684 (Danville) St. Johnsbury 685 (Chelsea) Randolph 694 (Stamford) Bennington 695 (Concord) St. Johnsbury 722 (Westminster) Bellows Falls 723 (Island Pond) Island Pond, Newport 728 (Randolph) Randolph 744 (Troy) Newport 746 (Pittsfield) Rutland 747 (Rutland) Rutland 748, 751 (St. Johnsbury) St. Johnsbury 754 (Orleans) Island Pond, Newport 755 (Albany) Morrisville, Newport 757 (Wells River) St. Johnsbury 758 (Bridport) Middlebury 759 (Addison) Middlebury 763 (South Royalton) Randolph, White River Junction, Woodstock 765 (South Strafford) White River Junction 766 (Derby) Newport 767 (Rochester) Middlebury, Randolph 769 (Essex Junction) Burlington 770, 772, 773, 775 (Rutland) Rutland 785 (Thetford) White River Junction 786 (Rutland) Rutland 796 (Alburg) St. Albans 822 (Island Pond) Island Pond 822 (Norton) Canaan, Island Pond 823 (Pownal) Bennington 824 (South Londonderry) South Londonderry 827 (East Fairfield) St. Albans 828 (Montpelier) Montpelier, Morrisville 843 (Grafton) Bellows Falls, South Londonderry 848 (Richford) St. Albans 849 (Fairfax) St. Albans 860, 862, 863, 864 (Burlington) Burlington 866 (Newbury) Bradford 867 (Dorset) Bennington 868 (Swanton) St. Albans 869 (Saxtons River) Bellows Falls, Springfield 871, 872 (Essex Junction) Burlington 873 (Derby Line) Newport 874 (Jamaica) Brattleboro, South Londonderry 875 (Chester) Bellows Falls, Springfield, South Londonderry 877 (Vergennes) Middlebury 878, 879 (Essex Junction) Burlington 883 (Barre) Montpelier 883 (Washington) Montpelier 885, 886 (Springfield) Bellows Falls, Springfield 888 (Morrisville) Montpelier, Morrisville 889 (Tunbridge) Randolph 899 (Underhill) Burlington 892 (Lunenburg) Guildhall 893 (Milton) Burlington, St. Albans 895 (Morgan) Island Pond, Newport 896 (Wardsboro) Bennington, Brattleboro, South Londonderry 897 (Shoreham) Middlebury 928 (Isle La Motte) St. Albans 933 (Enosburg Falls) St. Albans 948 (Orwell) Middlebury 962 (Bloomfield) Island Pond 988 (North Troy) Newport -- Conclusion - This is what the US Government gets for publically releasing documentation on the Internet about their so-called "secret" and "private" network... I know you'll have a few good laughs about that one (I know I did). Love, Peace, And Afro Grease!